Commit 96c95d2c authored by Daniel Gerhardt's avatar Daniel Gerhardt

Forbid paths matching the pattern of THM usernames

parent f8fd6205
......@@ -24,6 +24,7 @@ class Group < Namespace
validate :visibility_level_allowed_by_projects
validates :avatar, file_size: { maximum: 200.kilobytes.to_i }
validates :path, format: { without: /\A([a-zA-Z]{4}[0-9]{2}|hg[0-9]+)\z/, message: "must not match the format of THM usernames" }
mount_uploader :avatar, AvatarUploader
......
......@@ -176,6 +176,7 @@ class Project < ActiveRecord::Base
validates :repository_storage,
presence: true,
inclusion: { in: ->(_object) { Gitlab.config.repositories.storages.keys } }
validates :path, format: { without: /\A([a-zA-Z]{4}[0-9]{2}|hg[0-9]+)\z/, message: "must not match the format of THM usernames" }
add_authentication_token_field :runners_token
before_save :ensure_runners_token
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment