Skip to content

G
gitlab-foss

李少辉-开发者 / gitlab-foss

通知 15
Star 0
Fork 0
G
gitlab-foss

前往新版Gitcode,体验更适合开发者的 AI 搜索 >>

提交 7627cc19 编写于 作者: R Ruben Davila
浏览文件
操作

Validate presence of essential params for diff rendering 

This will avoid application errors generated by the assumption of the
presence of these params.
上级 e6d87b39
隐藏空白更改
内联 并排
Showing with 47 addition and 0 deletion
app/controllers/projects/blob_controller.rb
浏览文件 @ 7627cc19
......@@ -16,6 +16,7 @@ class Projects::BlobController < Projects::ApplicationController
before_action :from_merge_request, only: [:edit, :update]
before_action :require_branch_head, only: [:edit, :update]
before_action :editor_variables, except: [:show, :preview, :diff]
before_action :validate_diff_params, only: :diff
def new
commit unless @repository.empty?
......@@ -146,4 +147,10 @@ class Projects::BlobController < Projects::ApplicationController
file_content_encoding: params[:encoding]
}
end
def validate_diff_params
if [:since, :to, :offset].any? { |key| params[key].blank? }
render nothing: true
end
end
end
spec/controllers/projects/blob_controller_spec.rb 0 → 100644
浏览文件 @ 7627cc19
require 'rails_helper'
describe Projects::BlobController do
let(:project) { create(:project) }
let(:user) { create(:user) }
before do
user = create(:user)
project.team << [user, :master]
sign_in(user)
end
describe 'GET diff' do
render_views
def do_get(opts = {})
params = { namespace_id: project.namespace.to_param,
project_id: project.to_param,
id: 'master/CHANGELOG' }
get :diff, params.merge(opts)
end
context 'when essential params are missing' do
it 'renders nothing' do
do_get
expect(response.body).to be_blank
end
end
context 'when essential params are present' do
it 'renders the diff content' do
do_get(since: 1, to: 5, offset: 10)
expect(response.body).to be_present
end
end
end
end
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册