GitLab steht aufgrund wichtiger Wartungsarbeiten am Montag, den 8. März, zwischen 17:00 und 19:00 Uhr nicht zur Verfügung.

Commit 086cfc86 authored by Stan Hu's avatar Stan Hu

Fix API project lookups when querying with a namespace with dots

Attempting to use the /projects/:id API by specifying :id in
"namespace/project" format would always result in a 404 if the namespace
contained a dot.

The reason? From http://guides.rubyonrails.org/routing.html#specifying-constraints:

"By default the :id parameter doesn't accept dots - this is because the dot is
used as a separator for formatted routes. If you need to use a dot within an
:id add a constraint which overrides this - for example id: /[^\/]+/ allows
anything except a slash."

Closes https://github.com/gitlabhq/gitlabhq/issues/9573
parent bfb3c8d9
......@@ -13,6 +13,7 @@ v 8.4.0 (unreleased)
- Revert back upvote and downvote button to the issue and MR pages
- Swap position of Assignee and Author selector on Issuables (Zeger-Jan van de Weg)
- Fix version check image in Safari
- Fix API project lookups when querying with a namespace with dots (Stan Hu)
v 8.3.3 (unreleased)
- Fix project transfer e-mail sending incorrect paths in e-mail notification (Stan Hu)
......
......@@ -3,7 +3,7 @@ module API
class Projects < Grape::API
before { authenticate! }
resource :projects do
resource :projects, requirements: { id: /[^\/]+/ } do
helpers do
def map_public_to_visibility_level(attrs)
publik = attrs.delete(:public)
......
......@@ -382,6 +382,15 @@
expect(response.status).to eq(404)
end
it 'should handle users with dots' do
dot_user = create(:user, username: 'dot.user')
project = create(:project, creator_id: dot_user.id, namespace: dot_user.namespace)
get api("/projects/#{dot_user.namespace.name}%2F#{project.path}", dot_user)
expect(response.status).to eq(200)
expect(json_response['name']).to eq(project.name)
end
describe 'permissions' do
context 'all projects' do
it 'Contains permission information' do
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment