From 8926b37d5b0c48b9ef89e4769e622563a9b11e9f Mon Sep 17 00:00:00 2001 From: syasonik Date: Thu, 25 Apr 2019 14:00:51 +0800 Subject: [PATCH] Prefer safe_load and deep_symbolize_keys --- lib/gitlab/metrics/dashboard/processor.rb | 13 ++++++------- lib/gitlab/metrics/dashboard/service.rb | 4 ++-- .../projects/environments_controller_spec.rb | 2 +- spec/lib/gitlab/metrics/dashboard/service_spec.rb | 4 ++-- 4 files changed, 11 insertions(+), 12 deletions(-) diff --git a/lib/gitlab/metrics/dashboard/processor.rb b/lib/gitlab/metrics/dashboard/processor.rb index 36de1d033f2..46fd2f9440d 100644 --- a/lib/gitlab/metrics/dashboard/processor.rb +++ b/lib/gitlab/metrics/dashboard/processor.rb @@ -21,13 +21,12 @@ module Gitlab # Returns a new dashboard hash with the results of # running transforms on the dashboard. - def process(dashboard) - dashboard = dashboard.deep_symbolize_keys - - stage_params = [@project, @environment] - sequence.each { |stage| stage.new(*stage_params).transform!(dashboard) } - - dashboard + def process(raw_dashboard) + raw_dashboard.deep_symbolize_keys.tap do |dashboard| + sequence.each do |stage| + stage.new(@project, @environment).transform!(dashboard) + end + end end private diff --git a/lib/gitlab/metrics/dashboard/service.rb b/lib/gitlab/metrics/dashboard/service.rb index 966d7279aef..b8f144a7222 100644 --- a/lib/gitlab/metrics/dashboard/service.rb +++ b/lib/gitlab/metrics/dashboard/service.rb @@ -23,7 +23,7 @@ module Gitlab # Returns the base metrics shipped with every GitLab service. def system_dashboard - YAML.load_file(SYSTEM_DASHBOARD_PATH) + YAML.safe_load(File.read(SYSTEM_DASHBOARD_PATH)) end def cache_key @@ -32,7 +32,7 @@ module Gitlab # Returns a new dashboard Hash, supplemented with DB info def process_dashboard(dashboard) - Processor.new(project, params[:environment]).process(dashboard) + Gitlab::Metrics::Dashboard::Processor.new(project, params[:environment]).process(dashboard) end end end diff --git a/spec/controllers/projects/environments_controller_spec.rb b/spec/controllers/projects/environments_controller_spec.rb index b43698a6ef7..c1c4be45168 100644 --- a/spec/controllers/projects/environments_controller_spec.rb +++ b/spec/controllers/projects/environments_controller_spec.rb @@ -485,7 +485,7 @@ describe Projects::EnvironmentsController do context 'when the dashboard could not be provided' do before do - allow(YAML).to receive(:load_file).and_return({}) + allow(YAML).to receive(:safe_load).and_return({}) end it 'returns an error response' do diff --git a/spec/lib/gitlab/metrics/dashboard/service_spec.rb b/spec/lib/gitlab/metrics/dashboard/service_spec.rb index 3f82fd7ebf8..e66c356bf49 100644 --- a/spec/lib/gitlab/metrics/dashboard/service_spec.rb +++ b/spec/lib/gitlab/metrics/dashboard/service_spec.rb @@ -19,7 +19,7 @@ describe Gitlab::Metrics::Dashboard::Service, :use_clean_rails_memory_store_cach end it 'caches the dashboard for subsequent calls' do - expect(YAML).to receive(:load_file).once.and_call_original + expect(YAML).to receive(:safe_load).once.and_call_original described_class.new(project, environment).get_dashboard described_class.new(project, environment).get_dashboard @@ -27,7 +27,7 @@ describe Gitlab::Metrics::Dashboard::Service, :use_clean_rails_memory_store_cach context 'when the dashboard is configured incorrectly' do before do - allow(YAML).to receive(:load_file).and_return({}) + allow(YAML).to receive(:safe_load).and_return({}) end it 'returns an appropriate message and status code' do -- GitLab