Paths

Table of Contentst

Differential D14986

Enforce sensible, unique clone/checkout names for repositories
ClosedPublic
Actions

Authored by epriestley on Jan 10 2016, 7:18 PM.

Tags

None

Referenced Files

	F15462687: D14986.id.diff
	Tue, Apr 1, 4:50 PM

	F15461845: D14986.id36208.diff
	Tue, Apr 1, 11:48 AM

	F15456033: D14986.diff
	Sun, Mar 30, 6:35 AM

	F15431601: D14986.id36205.diff
	Mon, Mar 24, 1:23 PM

	F15412519: D14986.diff
	Wed, Mar 19, 1:25 PM

	F15397609: D14986.diff
	Sun, Mar 16, 9:18 PM

	F15397349: D14986.diff
	Sun, Mar 16, 7:41 PM

	F15396593: D14986.diff
	Sun, Mar 16, 3:17 PM

Subscribers

None

Details

Reviewers

Maniphest Tasks

T7938: Do not allow users to enter things like "/" or ".." in the "Clone/Checkout" field in repositories

Commits

Restricted Diffusion Commit
rP0b3d10c3da91: Enforce sensible, unique clone/checkout names for repositories

Summary

Fixes T7938.

Primarily, users can currently shoot themselves in the foot by putting ../../etc/passwd and other similar nonsense in these fields (this is not dangerous, but also does not work). Require sensible names.
Enforce uniqueness so these names can be used in URIs and as identifiers in the future.
(This doesn't start actually using them for anything fancy yet.)

Test Plan

Gave several repositories clone names: a valid name, two duplicate names, an invalid, name, some with no names.
Ran migrations.
Got clean conversion for valid names, appropriate errors for invalid/duplicate names.

Diff Detail

Repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

epriestley updated this revision to Diff 36205.Jan 10 2016, 7:18 PM

epriestley retitled this revision from to Enforce sensible, unique clone/checkout names for repositories.

epriestley updated this object.

epriestley edited the test plan for this revision. (Show Details)

epriestley added a reviewer: chad.

epriestley added a task: T7938: Do not allow users to enter things like "/" or ".." in the "Clone/Checkout" field in repositories.

epriestley updated this object.Jan 10 2016, 7:18 PM

epriestley updated this object.

epriestley mentioned this in T10115: Upgrading: Unique, Sensible Repository Slugs.Jan 10 2016, 7:27 PM

Nice tests!

This revision is now accepted and ready to land.Jan 11 2016, 1:08 AM

Closed by commit rP0b3d10c3da91: Enforce sensible, unique clone/checkout names for repositories (authored by epriestley, committed by epriestley). · Explain WhyJan 11 2016, 10:06 AM

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

resources/

sql/

autopatches/

20160110.repo.01.slug.sql

5 lines

20160110.repo.02.slug.php

49 lines

src/

applications/

diffusion/

controller/

DiffusionRepositoryEditBasicController.php

21 lines

DiffusionRepositoryEditMainController.php

2 lines

repository/

editor/

PhabricatorRepositoryEditor.php

71 lines

query/

PhabricatorRepositoryQuery.php

13 lines

storage/

PhabricatorRepository.php

89 lines

__tests__/

PhabricatorRepositoryTestCase.php

64 lines

Diff 36208

resources/sql/autopatches/20160110.repo.01.slug.sql

Loading...

resources/sql/autopatches/20160110.repo.02.slug.php

Loading...

src/applications/diffusion/controller/DiffusionRepositoryEditBasicController.php

Loading...

src/applications/diffusion/controller/DiffusionRepositoryEditMainController.php

Loading...

src/applications/repository/editor/PhabricatorRepositoryEditor.php

Loading...

src/applications/repository/query/PhabricatorRepositoryQuery.php

Loading...

src/applications/repository/storage/PhabricatorRepository.php

Loading...

src/applications/repository/storage/tests/PhabricatorRepositoryTestCase.php

Loading...