BigW Consortium Gitlab

Commit 0be4b0b7 by Douwe Maan

Merge branch '36020-private-npm-modules' into 'master'

Do not generate links for private NPM modules in blob view Closes #36020 See merge request gitlab-org/gitlab-ce!16002
parents ac22576d d02059dd
...@@ -27,10 +27,17 @@ module BlobViewer ...@@ -27,10 +27,17 @@ module BlobViewer
private private
def package_name_from_json(key) def json_data
prepare! @json_data ||= begin
prepare!
JSON.parse(blob.data)
rescue
{}
end
end
JSON.parse(blob.data)[key] rescue nil def package_name_from_json(key)
json_data[key]
end end
def package_name_from_method_call(name) def package_name_from_method_call(name)
......
...@@ -16,7 +16,25 @@ module BlobViewer ...@@ -16,7 +16,25 @@ module BlobViewer
@package_name ||= package_name_from_json('name') @package_name ||= package_name_from_json('name')
end end
def package_type
private? ? 'private package' : super
end
def package_url def package_url
private? ? homepage : npm_url
end
private
def private?
!!json_data['private']
end
def homepage
json_data['homepage']
end
def npm_url
"https://www.npmjs.com/package/#{package_name}" "https://www.npmjs.com/package/#{package_name}"
end end
end end
......
...@@ -6,6 +6,6 @@ ...@@ -6,6 +6,6 @@
- if viewer.package_name - if viewer.package_name
and defines a #{viewer.package_type} named and defines a #{viewer.package_type} named
%strong< %strong<
= link_to viewer.package_name, viewer.package_url, target: '_blank', rel: 'noopener noreferrer' = link_to_if viewer.package_url.present?, viewer.package_name, viewer.package_url, target: '_blank', rel: 'noopener noreferrer'
= link_to 'Learn more', viewer.manager_url, target: '_blank', rel: 'noopener noreferrer' = link_to 'Learn more', viewer.manager_url, target: '_blank', rel: 'noopener noreferrer'
---
title: Do not generate NPM links for private NPM modules in blob view
merge_request: 16002
author: Mario de la Ossa
type: added
...@@ -22,4 +22,51 @@ describe BlobViewer::PackageJson do ...@@ -22,4 +22,51 @@ describe BlobViewer::PackageJson do
expect(subject.package_name).to eq('module-name') expect(subject.package_name).to eq('module-name')
end end
end end
describe '#package_url' do
it 'returns the package URL' do
expect(subject).to receive(:prepare!)
expect(subject.package_url).to eq("https://www.npmjs.com/package/#{subject.package_name}")
end
end
describe '#package_type' do
it 'returns "package"' do
expect(subject).to receive(:prepare!)
expect(subject.package_type).to eq('package')
end
end
context 'when package.json has "private": true' do
let(:data) do
<<-SPEC.strip_heredoc
{
"name": "module-name",
"version": "10.3.1",
"private": true,
"homepage": "myawesomepackage.com"
}
SPEC
end
let(:blob) { fake_blob(path: 'package.json', data: data) }
subject { described_class.new(blob) }
describe '#package_url' do
it 'returns homepage if any' do
expect(subject).to receive(:prepare!)
expect(subject.package_url).to eq('myawesomepackage.com')
end
end
describe '#package_type' do
it 'returns "private package"' do
expect(subject).to receive(:prepare!)
expect(subject.package_type).to eq('private package')
end
end
end
end end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment