Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
7e3f49ba
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
7e3f49ba
编写于
11月 14, 2014
作者:
D
Dmitriy Zaporozhets
浏览文件
操作
浏览文件
下载
差异文件
Merge branch 'branch_name' into 'master'
Strip tags from branch name See merge request !1251
上级
d55f5587
334fe865
变更
2
显示空白变更内容
内联
并排
Showing
2 changed file
with
55 addition
and
1 deletion
+55
-1
app/controllers/projects/branches_controller.rb
app/controllers/projects/branches_controller.rb
+4
-1
spec/controllers/branches_controller_spec.rb
spec/controllers/branches_controller_spec.rb
+51
-0
未找到文件。
app/controllers/projects/branches_controller.rb
浏览文件 @
7e3f49ba
class
Projects::BranchesController
<
Projects
::
ApplicationController
include
ActionView
::
Helpers
::
SanitizeHelper
# Authorize
before_filter
:require_non_empty_project
...
...
@@ -16,8 +17,10 @@ class Projects::BranchesController < Projects::ApplicationController
end
def
create
branch_name
=
sanitize
(
strip_tags
(
params
[
:branch_name
]))
ref
=
sanitize
(
strip_tags
(
params
[
:ref
]))
result
=
CreateBranchService
.
new
(
project
,
current_user
).
execute
(
params
[
:branch_name
],
params
[
:ref
]
)
execute
(
branch_name
,
ref
)
if
result
[
:status
]
==
:success
@branch
=
result
[
:branch
]
...
...
spec/controllers/branches_controller_spec.rb
0 → 100644
浏览文件 @
7e3f49ba
require
'spec_helper'
describe
Projects
::
BranchesController
do
let
(
:project
)
{
create
(
:project
)
}
let
(
:user
)
{
create
(
:user
)
}
before
do
sign_in
(
user
)
project
.
team
<<
[
user
,
:master
]
project
.
stub
(
:branches
).
and_return
([
'master'
,
'foo/bar/baz'
])
project
.
stub
(
:tags
).
and_return
([
'v1.0.0'
,
'v2.0.0'
])
controller
.
instance_variable_set
(
:@project
,
project
)
end
describe
"POST create"
do
render_views
before
{
post
:create
,
project_id:
project
.
to_param
,
branch_name:
branch
,
ref:
ref
}
context
"valid branch name, valid source"
do
let
(
:branch
)
{
"merge_branch"
}
let
(
:ref
)
{
"master"
}
it
{
should
redirect_to
(
"/
#{
project
.
path_with_namespace
}
/tree/merge_branch"
)
}
end
context
"invalid branch name, valid ref"
do
let
(
:branch
)
{
"<script>alert('merge');</script>"
}
let
(
:ref
)
{
"master"
}
it
{
should
redirect_to
(
"/
#{
project
.
path_with_namespace
}
/tree/alert('merge');"
)
}
end
context
"valid branch name, invalid ref"
do
let
(
:branch
)
{
"merge_branch"
}
let
(
:ref
)
{
"<script>alert('ref');</script>"
}
it
{
should
render_template
(
"new"
)
}
end
context
"invalid branch name, invalid ref"
do
let
(
:branch
)
{
"<script>alert('merge');</script>"
}
let
(
:ref
)
{
"<script>alert('ref');</script>"
}
it
{
should
render_template
(
"new"
)
}
end
end
end
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录