BigW Consortium Gitlab
Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gitlab-ce
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Forest Godfrey
gitlab-ce
Commits
260c8da0
Commit
260c8da0
authored
Aug 10, 2017
by
Robert Speicher
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Whitelist or fix additional `Gitlab/PublicSend` cop violations
An upcoming update to rubocop-gitlab-security added additional violations.
parent
a64760d6
Hide whitespace changes
Inline
Side-by-side
Showing
61 changed files
with
128 additions
and
88 deletions
+128
-88
.rubocop.yml
.rubocop.yml
+9
-5
issuable_actions.rb
app/controllers/concerns/issuable_actions.rb
+1
-1
github_controller.rb
app/controllers/import/github_controller.rb
+1
-1
uploads_controller.rb
app/controllers/uploads_controller.rb
+1
-1
commits_helper.rb
app/helpers/commits_helper.rb
+3
-3
import_helper.rb
app/helpers/import_helper.rb
+1
-1
issuables_helper.rb
app/helpers/issuables_helper.rb
+8
-5
milestones_helper.rb
app/helpers/milestones_helper.rb
+12
-1
projects_helper.rb
app/helpers/projects_helper.rb
+4
-3
commit.rb
app/models/commit.rb
+1
-1
cache_markdown_field.rb
app/models/concerns/cache_markdown_field.rb
+3
-3
internal_id.rb
app/models/concerns/internal_id.rb
+1
-1
mentionable.rb
app/models/concerns/mentionable.rb
+2
-2
participable.rb
app/models/concerns/participable.rb
+1
-1
project_features_compatibility.rb
app/models/concerns/project_features_compatibility.rb
+1
-1
commit.rb
app/models/network/commit.rb
+1
-1
project.rb
app/models/project.rb
+2
-2
chat_notification_service.rb
app/models/project_services/chat_notification_service.rb
+1
-1
hipchat_service.rb
app/models/project_services/hipchat_service.rb
+1
-1
protectable_dropdown.rb
app/models/protectable_dropdown.rb
+6
-2
repository.rb
app/models/repository.rb
+6
-4
user.rb
app/models/user.rb
+1
-1
akismet_service.rb
app/services/akismet_service.rb
+1
-1
retry_build_service.rb
app/services/ci/retry_build_service.rb
+1
-1
change_service.rb
app/services/commits/change_service.rb
+1
-0
issuable_base_service.rb
app/services/issuable_base_service.rb
+1
-1
destroy_service.rb
app/services/members/destroy_service.rb
+1
-1
notification_service.rb
app/services/notification_service.rb
+2
-0
system_hooks_service.rb
app/services/system_hooks_service.rb
+1
-1
base_service.rb
app/services/test_hooks/base_service.rb
+1
-1
gitlab_shell_worker.rb
app/workers/gitlab_shell_worker.rb
+1
-1
1_settings.rb
config/initializers/1_settings.rb
+2
-0
api_guard.rb
lib/api/api_guard.rb
+1
-1
entities.rb
lib/api/entities.rb
+3
-2
runners.rb
lib/api/runners.rb
+1
-1
notes.rb
lib/api/v3/notes.rb
+3
-3
external_issue_reference_filter.rb
lib/banzai/filter/external_issue_reference_filter.rb
+2
-2
object_renderer.rb
lib/banzai/object_renderer.rb
+1
-1
base_pipeline.rb
lib/banzai/pipeline/base_pipeline.rb
+1
-1
renderer.rb
lib/banzai/renderer.rb
+2
-2
collection.rb
lib/bitbucket/collection.rb
+1
-1
ansi2html.rb
lib/ci/ansi2html.rb
+1
-1
base.rb
lib/declarative_policy/base.rb
+1
-1
dsl.rb
lib/declarative_policy/dsl.rb
+1
-1
file_size_validator.rb
lib/file_size_validator.rb
+2
-2
auth.rb
lib/gitlab/auth.rb
+2
-2
request_cache.rb
lib/gitlab/cache/request_cache.rb
+1
-1
line_mapper.rb
lib/gitlab/diff/line_mapper.rb
+3
-3
blob.rb
lib/gitlab/git/blob.rb
+1
-1
tree.rb
lib/gitlab/git/tree.rb
+1
-1
gitaly_client.rb
lib/gitlab/gitaly_client.rb
+1
-1
base_formatter.rb
lib/gitlab/github_import/base_formatter.rb
+3
-1
client.rb
lib/gitlab/github_import/client.rb
+1
-1
importer.rb
lib/gitlab/github_import/importer.rb
+1
-1
lazy.rb
lib/gitlab/lazy.rb
+1
-1
person.rb
lib/gitlab/ldap/person.rb
+2
-2
pipeline.rb
lib/gitlab/markdown/pipeline.rb
+1
-1
uploaded_file.rb
lib/uploaded_file.rb
+1
-1
release.rb
qa/qa/runtime/release.rb
+1
-1
file_size_validator_spec.rb
spec/lib/file_size_validator_spec.rb
+2
-2
protectable_dropdown_spec.rb
spec/models/protectable_dropdown_spec.rb
+7
-0
No files found.
.rubocop.yml
View file @
260c8da0
...
...
@@ -1174,29 +1174,33 @@ RSpec/VerifiedDoubles:
GitlabSecurity/DeepMunge
:
Enabled
:
true
Exclude
:
-
'
spec/**/*'
-
'
lib/**/*.rake'
-
'
spec/**/*'
GitlabSecurity/PublicSend
:
Enabled
:
true
Exclude
:
-
'
spec/**/*'
-
'
config/**/*'
-
'
db/**/*'
-
'
features/**/*'
-
'
lib/**/*.rake'
-
'
qa/**/*'
-
'
spec/**/*'
GitlabSecurity/RedirectToParamsUpdate
:
Enabled
:
true
Exclude
:
-
'
spec/**/*'
-
'
lib/**/*.rake'
-
'
spec/**/*'
GitlabSecurity/SqlInjection
:
Enabled
:
true
Exclude
:
-
'
spec/**/*'
-
'
lib/**/*.rake'
-
'
spec/**/*'
GitlabSecurity/SystemCommandInjection
:
Enabled
:
true
Exclude
:
-
'
spec/**/*'
-
'
lib/**/*.rake'
-
'
spec/**/*'
app/controllers/concerns/issuable_actions.rb
View file @
260c8da0
...
...
@@ -10,7 +10,7 @@ module IssuableActions
def
destroy
issuable
.
destroy
destroy_method
=
"destroy_
#{
issuable
.
class
.
name
.
underscore
}
"
.
to_sym
TodoService
.
new
.
public_send
(
destroy_method
,
issuable
,
current_user
)
TodoService
.
new
.
public_send
(
destroy_method
,
issuable
,
current_user
)
# rubocop:disable GitlabSecurity/PublicSend
name
=
issuable
.
human_class_name
flash
[
:notice
]
=
"The
#{
name
}
was successfully deleted."
...
...
app/controllers/import/github_controller.rb
View file @
260c8da0
...
...
@@ -64,7 +64,7 @@ class Import::GithubController < Import::BaseController
end
def
import_enabled?
__send__
(
"
#{
provider
}
_import_enabled?"
)
__send__
(
"
#{
provider
}
_import_enabled?"
)
# rubocop:disable GitlabSecurity/PublicSend
end
def
new_import_url
...
...
app/controllers/uploads_controller.rb
View file @
260c8da0
...
...
@@ -89,7 +89,7 @@ class UploadsController < ApplicationController
@uploader
.
retrieve_from_store!
(
params
[
:filename
])
else
@uploader
=
@model
.
send
(
upload_mount
)
@uploader
=
@model
.
public_send
(
upload_mount
)
# rubocop:disable GitlabSecurity/PublicSend
redirect_to
@uploader
.
url
unless
@uploader
.
file_storage?
end
...
...
app/helpers/commits_helper.rb
View file @
260c8da0
...
...
@@ -128,10 +128,10 @@ module CommitsHelper
# avatar: true will prepend the avatar image
# size: size of the avatar image in px
def
commit_person_link
(
commit
,
options
=
{})
user
=
commit
.
send
(
options
[
:source
])
user
=
commit
.
public_send
(
options
[
:source
])
# rubocop:disable GitlabSecurity/PublicSend
source_name
=
clean
(
commit
.
send
"
#{
options
[
:source
]
}
_name"
.
to_sym
)
source_email
=
clean
(
commit
.
send
"
#{
options
[
:source
]
}
_email"
.
to_sym
)
source_name
=
clean
(
commit
.
public_send
(
:"
#{
options
[
:source
]
}
_name"
))
# rubocop:disable GitlabSecurity/PublicSend
source_email
=
clean
(
commit
.
public_send
(
:"
#{
options
[
:source
]
}
_email"
))
# rubocop:disable GitlabSecurity/PublicSend
person_name
=
user
.
try
(
:name
)
||
source_name
...
...
app/helpers/import_helper.rb
View file @
260c8da0
...
...
@@ -5,7 +5,7 @@ module ImportHelper
end
def
provider_project_link
(
provider
,
path_with_namespace
)
url
=
__send__
(
"
#{
provider
}
_project_url"
,
path_with_namespace
)
url
=
__send__
(
"
#{
provider
}
_project_url"
,
path_with_namespace
)
# rubocop:disable GitlabSecurity/PublicSend
link_to
path_with_namespace
,
url
,
target:
'_blank'
,
rel:
'noopener noreferrer'
end
...
...
app/helpers/issuables_helper.rb
View file @
260c8da0
...
...
@@ -174,7 +174,14 @@ module IssuablesHelper
end
def
assigned_issuables_count
(
issuable_type
)
current_user
.
public_send
(
"assigned_open_
#{
issuable_type
}
_count"
)
case
issuable_type
when
:issues
current_user
.
assigned_open_issues_count
when
:merge_requests
current_user
.
assigned_open_merge_requests_count
else
raise
ArgumentError
,
"invalid issuable `
#{
issuable_type
}
`"
end
end
def
issuable_filter_params
...
...
@@ -298,10 +305,6 @@ module IssuablesHelper
cookies
[
:collapsed_gutter
]
==
'true'
end
def
base_issuable_scope
(
issuable
)
issuable
.
project
.
send
(
issuable
.
class
.
table_name
).
send
(
issuable_state_scope
(
issuable
))
end
def
issuable_state_scope
(
issuable
)
if
issuable
.
respond_to?
(
:merged?
)
&&
issuable
.
merged?
:merged
...
...
app/helpers/milestones_helper.rb
View file @
260c8da0
...
...
@@ -32,7 +32,18 @@ module MilestonesHelper
end
def
milestone_issues_by_label_count
(
milestone
,
label
,
state
:)
milestone
.
issues
.
with_label
(
label
.
title
).
send
(
state
).
size
issues
=
milestone
.
issues
.
with_label
(
label
.
title
)
issues
=
case
state
when
:opened
issues
.
opened
when
:closed
issues
.
closed
else
raise
ArgumentError
,
"invalid milestone state `
#{
state
}
`"
end
issues
.
size
end
# Returns count of milestones for different states
...
...
app/helpers/projects_helper.rb
View file @
260c8da0
...
...
@@ -149,15 +149,16 @@ module ProjectsHelper
# Don't show option "everyone with access" if project is private
options
=
project_feature_options
level
=
@project
.
project_feature
.
public_send
(
field
)
# rubocop:disable GitlabSecurity/PublicSend
if
@project
.
private?
level
=
@project
.
project_feature
.
send
(
field
)
disabled_option
=
ProjectFeature
::
ENABLED
highest_available_option
=
ProjectFeature
::
PRIVATE
if
level
==
disabled_option
end
options
=
options_for_select
(
options
.
invert
,
selected:
highest_available_option
||
@project
.
project_feature
.
public_send
(
field
)
,
selected:
highest_available_option
||
level
,
disabled:
disabled_option
)
...
...
@@ -486,7 +487,7 @@ module ProjectsHelper
end
def
filename_path
(
project
,
filename
)
if
project
&&
blob
=
project
.
repository
.
send
(
filename
)
if
project
&&
blob
=
project
.
repository
.
public_send
(
filename
)
# rubocop:disable GitlabSecurity/PublicSend
project_blob_path
(
project
,
tree_join
(
project
.
default_branch
,
blob
.
name
)
...
...
app/models/commit.rb
View file @
260c8da0
...
...
@@ -200,7 +200,7 @@ class Commit
end
def
method_missing
(
m
,
*
args
,
&
block
)
@raw
.
send
(
m
,
*
args
,
&
block
)
@raw
.
__send__
(
m
,
*
args
,
&
block
)
# rubocop:disable GitlabSecurity/PublicSend
end
def
respond_to_missing?
(
method
,
include_private
=
false
)
...
...
app/models/concerns/cache_markdown_field.rb
View file @
260c8da0
...
...
@@ -78,7 +78,7 @@ module CacheMarkdownField
def
cached_html_up_to_date?
(
markdown_field
)
html_field
=
cached_markdown_fields
.
html_field
(
markdown_field
)
cached
=
cached_html_for
(
markdown_field
).
present?
&&
__send__
(
markdown_field
).
present?
cached
=
cached_html_for
(
markdown_field
).
present?
&&
__send__
(
markdown_field
).
present?
# rubocop:disable GitlabSecurity/PublicSend
return
false
unless
cached
markdown_changed
=
attribute_changed?
(
markdown_field
)
||
false
...
...
@@ -93,14 +93,14 @@ module CacheMarkdownField
end
def
attribute_invalidated?
(
attr
)
__send__
(
"
#{
attr
}
_invalidated?"
)
__send__
(
"
#{
attr
}
_invalidated?"
)
# rubocop:disable GitlabSecurity/PublicSend
end
def
cached_html_for
(
markdown_field
)
raise
ArgumentError
.
new
(
"Unknown field:
#{
field
}
"
)
unless
cached_markdown_fields
.
markdown_fields
.
include?
(
markdown_field
)
__send__
(
cached_markdown_fields
.
html_field
(
markdown_field
))
__send__
(
cached_markdown_fields
.
html_field
(
markdown_field
))
# rubocop:disable GitlabSecurity/PublicSend
end
included
do
...
...
app/models/concerns/internal_id.rb
View file @
260c8da0
...
...
@@ -9,7 +9,7 @@ module InternalId
def
set_iid
if
iid
.
blank?
parent
=
project
||
group
records
=
parent
.
send
(
self
.
class
.
name
.
tableize
)
records
=
parent
.
public_send
(
self
.
class
.
name
.
tableize
)
# rubocop:disable GitlabSecurity/PublicSend
records
=
records
.
with_deleted
if
self
.
paranoid?
max_iid
=
records
.
maximum
(
:iid
)
...
...
app/models/concerns/mentionable.rb
View file @
260c8da0
...
...
@@ -56,7 +56,7 @@ module Mentionable
end
self
.
class
.
mentionable_attrs
.
each
do
|
attr
,
options
|
text
=
__send__
(
attr
)
text
=
__send__
(
attr
)
# rubocop:disable GitlabSecurity/PublicSend
options
=
options
.
merge
(
cache_key:
[
self
,
attr
],
author:
author
,
...
...
@@ -100,7 +100,7 @@ module Mentionable
end
self
.
class
.
mentionable_attrs
.
any?
do
|
attr
,
_
|
__send__
(
attr
)
=~
reference_pattern
__send__
(
attr
)
=~
reference_pattern
# rubocop:disable GitlabSecurity/PublicSend
end
end
...
...
app/models/concerns/participable.rb
View file @
260c8da0
...
...
@@ -82,7 +82,7 @@ module Participable
if
attr
.
respond_to?
(
:call
)
source
.
instance_exec
(
current_user
,
ext
,
&
attr
)
else
process
<<
source
.
__send__
(
attr
)
process
<<
source
.
__send__
(
attr
)
# rubocop:disable GitlabSecurity/PublicSend
end
end
when
Enumerable
,
ActiveRecord
::
Relation
...
...
app/models/concerns/project_features_compatibility.rb
View file @
260c8da0
...
...
@@ -32,6 +32,6 @@ module ProjectFeaturesCompatibility
build_project_feature
unless
project_feature
access_level
=
Gitlab
::
Utils
.
to_boolean
(
value
)
?
ProjectFeature
::
ENABLED
:
ProjectFeature
::
DISABLED
project_feature
.
send
(
:write_attribute
,
field
,
access_level
)
project_feature
.
__send__
(
:write_attribute
,
field
,
access_level
)
# rubocop:disable GitlabSecurity/PublicSend
end
end
app/models/network/commit.rb
View file @
260c8da0
...
...
@@ -12,7 +12,7 @@ module Network
end
def
method_missing
(
m
,
*
args
,
&
block
)
@commit
.
send
(
m
,
*
args
,
&
block
)
@commit
.
__send__
(
m
,
*
args
,
&
block
)
# rubocop:disable GitlabSecurity/PublicSend
end
def
space
...
...
app/models/project.rb
View file @
260c8da0
...
...
@@ -921,14 +921,14 @@ class Project < ActiveRecord::Base
end
def
execute_hooks
(
data
,
hooks_scope
=
:push_hooks
)
hooks
.
send
(
hooks_scope
).
each
do
|
hook
|
hooks
.
public_send
(
hooks_scope
).
each
do
|
hook
|
# rubocop:disable GitlabSecurity/PublicSend
hook
.
async_execute
(
data
,
hooks_scope
.
to_s
)
end
end
def
execute_services
(
data
,
hooks_scope
=
:push_hooks
)
# Call only service hooks that are active for this scope
services
.
send
(
hooks_scope
).
each
do
|
service
|
services
.
public_send
(
hooks_scope
).
each
do
|
service
|
# rubocop:disable GitlabSecurity/PublicSend
service
.
async_execute
(
data
)
end
end
...
...
app/models/project_services/chat_notification_service.rb
View file @
260c8da0
...
...
@@ -115,7 +115,7 @@ class ChatNotificationService < Service
def
get_channel_field
(
event
)
field_name
=
event_channel_name
(
event
)
self
.
public_send
(
field_name
)
self
.
public_send
(
field_name
)
# rubocop:disable GitlabSecurity/PublicSend
end
def
build_event_channels
...
...
app/models/project_services/hipchat_service.rb
View file @
260c8da0
...
...
@@ -53,7 +53,7 @@ class HipchatService < Service
return
unless
supported_events
.
include?
(
data
[
:object_kind
])
message
=
create_message
(
data
)
return
unless
message
.
present?
gate
[
room
].
send
(
'GitLab'
,
message
,
message_options
(
data
))
gate
[
room
].
send
(
'GitLab'
,
message
,
message_options
(
data
))
# rubocop:disable GitlabSecurity/PublicSend
end
def
test
(
data
)
...
...
app/models/protectable_dropdown.rb
View file @
260c8da0
class
ProtectableDropdown
REF_TYPES
=
%i[branches tags]
.
freeze
def
initialize
(
project
,
ref_type
)
raise
ArgumentError
,
"invalid ref type `
#{
ref_type
}
`"
unless
ref_type
.
in?
(
REF_TYPES
)
@project
=
project
@ref_type
=
ref_type
end
...
...
@@ -16,7 +20,7 @@ class ProtectableDropdown
private
def
refs
@project
.
repository
.
public_send
(
@ref_type
)
@project
.
repository
.
public_send
(
@ref_type
)
# rubocop:disable GitlabSecurity/PublicSend
end
def
ref_names
...
...
@@ -24,7 +28,7 @@ class ProtectableDropdown
end
def
protections
@project
.
public_send
(
"protected_
#{
@ref_type
}
"
)
@project
.
public_send
(
"protected_
#{
@ref_type
}
"
)
# rubocop:disable GitlabSecurity/PublicSend
end
def
non_wildcard_protected_ref_names
...
...
app/models/repository.rb
View file @
260c8da0
...
...
@@ -48,7 +48,9 @@ class Repository
alias_method
(
original
,
name
)
define_method
(
name
)
do
cache_method_output
(
name
,
fallback:
fallback
,
memoize_only:
memoize_only
)
{
__send__
(
original
)
}
cache_method_output
(
name
,
fallback:
fallback
,
memoize_only:
memoize_only
)
do
__send__
(
original
)
# rubocop:disable GitlabSecurity/PublicSend
end
end
end
...
...
@@ -439,9 +441,9 @@ class Repository
def
method_missing
(
m
,
*
args
,
&
block
)
if
m
==
:lookup
&&
!
block_given?
lookup_cache
[
m
]
||=
{}
lookup_cache
[
m
][
args
.
join
(
":"
)]
||=
raw_repository
.
send
(
m
,
*
args
,
&
block
)
lookup_cache
[
m
][
args
.
join
(
":"
)]
||=
raw_repository
.
__send__
(
m
,
*
args
,
&
block
)
# rubocop:disable GitlabSecurity/PublicSend
else
raw_repository
.
send
(
m
,
*
args
,
&
block
)
raw_repository
.
__send__
(
m
,
*
args
,
&
block
)
# rubocop:disable GitlabSecurity/PublicSend
end
end
...
...
@@ -772,7 +774,7 @@ class Repository
end
actions
.
each
do
|
options
|
index
.
public_send
(
options
.
delete
(
:action
),
options
)
index
.
public_send
(
options
.
delete
(
:action
),
options
)
# rubocop:disable GitlabSecurity/PublicSend
end
options
=
{
...
...
app/models/user.rb
View file @
260c8da0
...
...
@@ -1070,7 +1070,7 @@ class User < ActiveRecord::Base
# Added according to https://github.com/plataformatec/devise/blob/7df57d5081f9884849ca15e4fde179ef164a575f/README.md#activejob-integration
def
send_devise_notification
(
notification
,
*
args
)
return
true
unless
can?
(
:receive_notifications
)
devise_mailer
.
send
(
notification
,
self
,
*
args
).
deliver_later
devise_mailer
.
__send__
(
notification
,
self
,
*
args
).
deliver_later
# rubocop:disable GitlabSecurity/PublicSend
end
# This works around a bug in Devise 4.2.0 that erroneously causes a user to
...
...
app/services/akismet_service.rb
View file @
260c8da0
...
...
@@ -58,7 +58,7 @@ class AkismetService
}
begin
akismet_client
.
public_send
(
type
,
options
[
:ip_address
],
options
[
:user_agent
],
params
)
akismet_client
.
public_send
(
type
,
options
[
:ip_address
],
options
[
:user_agent
],
params
)
# rubocop:disable GitlabSecurity/PublicSend
true
rescue
=>
e
Rails
.
logger
.
error
(
"Unable to connect to Akismet:
#{
e
}
, skipping!"
)
...
...
app/services/ci/retry_build_service.rb
View file @
260c8da0
...
...
@@ -23,7 +23,7 @@ module Ci
end
attributes
=
CLONE_ACCESSORS
.
map
do
|
attribute
|
[
attribute
,
build
.
send
(
attribute
)]
[
attribute
,
build
.
public_send
(
attribute
)]
# rubocop:disable GitlabSecurity/PublicSend
end
attributes
.
push
([
:user
,
current_user
])
...
...
app/services/commits/change_service.rb
View file @
260c8da0
...
...
@@ -11,6 +11,7 @@ module Commits
def
commit_change
(
action
)
raise
NotImplementedError
unless
repository
.
respond_to?
(
action
)
# rubocop:disable GitlabSecurity/PublicSend
repository
.
public_send
(
action
,
current_user
,
...
...
app/services/issuable_base_service.rb
View file @
260c8da0
...
...
@@ -338,7 +338,7 @@ class IssuableBaseService < BaseService
def
invalidate_cache_counts
(
issuable
,
users:
[],
skip_project_cache:
false
)
users
.
each
do
|
user
|
user
.
public_send
(
"invalidate_
#{
issuable
.
model_name
.
singular
}
_cache_counts"
)
user
.
public_send
(
"invalidate_
#{
issuable
.
model_name
.
singular
}
_cache_counts"
)
# rubocop:disable GitlabSecurity/PublicSend
end
unless
skip_project_cache
...
...
app/services/members/destroy_service.rb
View file @
260c8da0
...
...
@@ -31,7 +31,7 @@ module Members
source
.
members
.
find_by
(
condition
)
||
source
.
requesters
.
find_by!
(
condition
)
else
source
.
public_send
(
scope
).
find_by!
(
condition
)
source
.
public_send
(
scope
).
find_by!
(
condition
)
# rubocop:disable GitlabSecurity/PublicSend
end
end
...
...
app/services/notification_service.rb
View file @
260c8da0
# rubocop:disable GitlabSecurity/PublicSend
# NotificationService class
#
# Used for notifying users with emails about different events
...
...
app/services/system_hooks_service.rb
View file @
260c8da0
...
...
@@ -4,7 +4,7 @@ class SystemHooksService
end
def
execute_hooks
(
data
,
hooks_scope
=
:all
)
SystemHook
.
public_send
(
hooks_scope
).
find_each
do
|
hook
|
SystemHook
.
public_send
(
hooks_scope
).
find_each
do
|
hook
|
# rubocop:disable GitlabSecurity/PublicSend
hook
.
async_execute
(
data
,
'system_hooks'
)
end
end
...
...
app/services/test_hooks/base_service.rb
View file @
260c8da0
...
...
@@ -18,7 +18,7 @@ module TestHooks
end
error_message
=
catch
(
:validation_error
)
do
sample_data
=
self
.
__send__
(
trigger_data_method
)
sample_data
=
self
.
__send__
(
trigger_data_method
)
# rubocop:disable GitlabSecurity/PublicSend
return
hook
.
execute
(
sample_data
,
trigger
)
end
...
...
app/workers/gitlab_shell_worker.rb
View file @
260c8da0
...
...
@@ -4,6 +4,6 @@ class GitlabShellWorker
include
DedicatedSidekiqQueue
def
perform
(
action
,
*
arg
)
gitlab_shell
.
send
(
action
,
*
arg
)
gitlab_shell
.
__send__
(
action
,
*
arg
)
# rubocop:disable GitlabSecurity/PublicSend
end
end
config/initializers/1_settings.rb
View file @
260c8da0
# rubocop:disable GitlabSecurity/PublicSend
require_dependency
Rails
.
root
.
join
(
'lib/gitlab'
)
# Load Gitlab as soon as possible
class
Settings
<
Settingslogic
...
...
lib/api/api_guard.rb
View file @
260c8da0
...
...
@@ -122,7 +122,7 @@ module API
error_classes
=
[
MissingTokenError
,
TokenNotFoundError
,
ExpiredError
,
RevokedError
,
InsufficientScopeError
]
base
.
send
:rescue_from
,
*
error_classes
,
oauth2_bearer_token_error_handler
base
.
__send__
(
:rescue_from
,
*
error_classes
,
oauth2_bearer_token_error_handler
)
# rubocop:disable GitlabSecurity/PublicSend
end
def
oauth2_bearer_token_error_handler
...
...
lib/api/entities.rb
View file @
260c8da0
...
...
@@ -541,8 +541,9 @@ module API
target_url
=
"namespace_project_
#{
target_type
}
_url"
target_anchor
=
"note_
#{
todo
.
note_id
}
"
if
todo
.
note_id?
Gitlab
::
Routing
.
url_helpers
.
public_send
(
target_url
,
todo
.
project
.
namespace
,
todo
.
project
,
todo
.
target
,
anchor:
target_anchor
)
Gitlab
::
Routing
.
url_helpers
.
public_send
(
target_url
,
todo
.
project
.
namespace
,
todo
.
project
,
todo
.
target
,
anchor:
target_anchor
)
# rubocop:disable GitlabSecurity/PublicSend
end
expose
:body
...
...
lib/api/runners.rb
View file @
260c8da0
...
...
@@ -153,7 +153,7 @@ module API
render_api_error!
(
'Scope contains invalid value'
,
400
)
end
runners
.
send
(
scope
)
runners
.
public_send
(
scope
)
# rubocop:disable GitlabSecurity/PublicSend
end
def
get_runner
(
id
)
...
...
lib/api/v3/notes.rb
View file @
260c8da0
...
...
@@ -22,7 +22,7 @@ module API
use
:pagination
end
get
":id/
#{
noteables_str
}
/:noteable_id/notes"
do
noteable
=
user_project
.
send
(
noteables_str
.
to_sym
).
find
(
params
[
:noteable_id
])
noteable
=
user_project
.
public_send
(
noteables_str
.
to_sym
).
find
(
params
[
:noteable_id
])
# rubocop:disable GitlabSecurity/PublicSend
if
can?
(
current_user
,
noteable_read_ability_name
(
noteable
),
noteable
)
# We exclude notes that are cross-references and that cannot be viewed
...
...
@@ -50,7 +50,7 @@ module API
requires
:noteable_id
,
type:
Integer
,
desc:
'The ID of the noteable'
end
get
":id/
#{
noteables_str
}
/:noteable_id/notes/:note_id"
do
noteable
=
user_project
.
send
(
noteables_str
.
to_sym
).
find
(
params
[
:noteable_id
])
noteable
=
user_project
.
public_send
(
noteables_str
.
to_sym
).
find
(
params
[
:noteable_id
])
# rubocop:disable GitlabSecurity/PublicSend
note
=
noteable
.
notes
.
find
(
params
[
:note_id
])
can_read_note
=
can?
(
current_user
,
noteable_read_ability_name
(
noteable
),
noteable
)
&&
!
note
.
cross_reference_not_visible_for?
(
current_user
)
...
...
@@ -76,7 +76,7 @@ module API
noteable_id:
params
[
:noteable_id
]
}
noteable
=
user_project
.
send
(
noteables_str
.
to_sym
).
find
(
params
[
:noteable_id
])
noteable
=
user_project
.
public_send
(
noteables_str
.
to_sym
).
find
(
params
[
:noteable_id
])
# rubocop:disable GitlabSecurity/PublicSend
if
can?
(
current_user
,
noteable_read_ability_name
(
noteable
),
noteable
)
if
params
[
:created_at
]
&&
(
current_user
.
admin?
||
user_project
.
owner
==
current_user
)
...
...
lib/banzai/filter/external_issue_reference_filter.rb
View file @
260c8da0
...
...
@@ -95,10 +95,10 @@ module Banzai
private
def
external_issues_cached
(
attribute
)
return
project
.
public_send
(
attribute
)
unless
RequestStore
.
active?
return
project
.
public_send
(
attribute
)
unless
RequestStore
.
active?
# rubocop:disable GitlabSecurity/PublicSend
cached_attributes
=
RequestStore
[
:banzai_external_issues_tracker_attributes
]
||=
Hash
.
new
{
|
h
,
k
|
h
[
k
]
=
{}
}
cached_attributes
[
project
.
id
][
attribute
]
=
project
.
public_send
(
attribute
)
if
cached_attributes
[
project
.
id
][
attribute
].
nil?
cached_attributes
[
project
.
id
][
attribute
]
=
project
.
public_send
(
attribute
)
if
cached_attributes
[
project
.
id
][
attribute
].
nil?
# rubocop:disable GitlabSecurity/PublicSend
cached_attributes
[
project
.
id
][
attribute
]
end
end
...
...
lib/banzai/object_renderer.rb
View file @
260c8da0
...
...
@@ -37,7 +37,7 @@ module Banzai
objects
.
each_with_index
do
|
object
,
index
|
redacted_data
=
redacted
[
index
]
object
.
__send__
(
"redacted_
#{
attribute
}
_html="
,
redacted_data
[
:document
].
to_html
.
html_safe
)
object
.
__send__
(
"redacted_
#{
attribute
}
_html="
,
redacted_data
[
:document
].
to_html
.
html_safe
)
# rubocop:disable GitlabSecurity/PublicSend
object
.
user_visible_reference_count
=
redacted_data
[
:visible_reference_count
]
end
end
...
...
lib/banzai/pipeline/base_pipeline.rb
View file @
260c8da0
...
...
@@ -18,7 +18,7 @@ module Banzai
define_method
(
meth
)
do
|
text
,
context
|
context
=
transform_context
(
context
)
html_pipeline
.
send
(
meth
,
text
,
context
)
html_pipeline
.
__send__
(
meth
,
text
,
context
)
# rubocop:disable GitlabSecurity/PublicSend
end
end
end
...
...
lib/banzai/renderer.rb
View file @
260c8da0
...
...
@@ -43,7 +43,7 @@ module Banzai
# Same as +render_field+, but without consulting or updating the cache field
def
self
.
cacheless_render_field
(
object
,
field
,
options
=
{})
text
=
object
.
__send__
(
field
)
text
=
object
.
__send__
(
field
)
# rubocop:disable GitlabSecurity/PublicSend
context
=
object
.
banzai_render_context
(
field
).
merge
(
options
)
cacheless_render
(
text
,
context
)
...
...
@@ -156,7 +156,7 @@ module Banzai
# method.
def
self
.
full_cache_multi_key
(
cache_key
,
pipeline_name
)
return
unless
cache_key
Rails
.
cache
.
send
(
:expanded_key
,
full_cache_key
(
cache_key
,
pipeline_name
))
Rails
.
cache
.
__send__
(
:expanded_key
,
full_cache_key
(
cache_key
,
pipeline_name
))
# rubocop:disable GitlabSecurity/PublicSend
end
# GitLab EE needs to disable updates on GET requests in Geo
...
...
lib/bitbucket/collection.rb
View file @
260c8da0
...
...
@@ -13,7 +13,7 @@ module Bitbucket
def
method_missing
(
method
,
*
args
)
return
super
unless
self
.
respond_to?
(
method
)
self
.
send
(
method
,
*
args
)
do
|
item
|
self
.
__send__
(
method
,
*
args
)
do
|
item
|
# rubocop:disable GitlabSecurity/PublicSend
block_given?
?
yield
(
item
)
:
item
end
end
...
...
lib/ci/ansi2html.rb
View file @
260c8da0
...
...
@@ -208,7 +208,7 @@ module Ci
return
unless
command
=
stack
.
shift
()
if
self
.
respond_to?
(
"on_
#{
command
}
"
,
true
)
self
.
send
(
"on_
#{
command
}
"
,
stack
)
self
.
__send__
(
"on_
#{
command
}
"
,
stack
)
# rubocop:disable GitlabSecurity/PublicSend
end
evaluate_command_stack
(
stack
)
...
...
lib/declarative_policy/base.rb
View file @
260c8da0
...
...
@@ -109,7 +109,7 @@ module DeclarativePolicy
name
=
name
.
to_sym
if
delegation_block
.
nil?
delegation_block
=
proc
{
@subject
.
__send__
(
name
)
}
delegation_block
=
proc
{
@subject
.
__send__
(
name
)
}
# rubocop:disable GitlabSecurity/PublicSend
end
own_delegations
[
name
]
=
delegation_block
...
...
lib/declarative_policy/dsl.rb
View file @
260c8da0
...
...
@@ -93,7 +93,7 @@ module DeclarativePolicy
def
method_missing
(
m
,
*
a
,
&
b
)
return
super
unless
@context_class
.
respond_to?
(
m
)
@context_class
.
__send__
(
m
,
*
a
,
&
b
)
@context_class
.
__send__
(
m
,
*
a
,
&
b
)
# rubocop:disable GitlabSecurity/PublicSend
end
def
respond_to_missing?
(
m
)
...
...
lib/file_size_validator.rb
View file @
260c8da0
...
...
@@ -44,13 +44,13 @@ class FileSizeValidator < ActiveModel::EachValidator
when
Integer
check_value
when
Symbol
record
.
send
(
check_value
)
record
.
public_send
(
check_value
)
# rubocop:disable GitlabSecurity/PublicSend
end
value
||=
[]
if
key
==
:maximum
value_size
=
value
.
size
next
if
value_size
.
send
(
validity_check
,
check_value
)
next
if
value_size
.
public_send
(
validity_check
,
check_value
)
# rubocop:disable GitlabSecurity/PublicSend
errors_options
=
options
.
except
(
*
RESERVED_OPTIONS
)
errors_options
[
:file_size
]
=
help
.
number_to_human_size
check_value
...
...
lib/gitlab/auth.rb
View file @
260c8da0
...
...
@@ -101,7 +101,7 @@ module Gitlab
if
Service
.
available_services_names
.
include?
(
underscored_service
)
# We treat underscored_service as a trusted input because it is included
# in the Service.available_services_names whitelist.
service
=
project
.
public_send
(
"
#{
underscored_service
}
_service"
)
service
=
project
.
public_send
(
"
#{
underscored_service
}
_service"
)
# rubocop:disable GitlabSecurity/PublicSend
if
service
&&
service
.
activated?
&&
service
.
valid_token?
(
password
)
Gitlab
::
Auth
::
Result
.
new
(
nil
,
project
,
:ci
,
build_authentication_abilities
)
...
...
@@ -149,7 +149,7 @@ module Gitlab
def
abilities_for_scope
(
scopes
)
scopes
.
map
do
|
scope
|
self
.
public_send
(
:"
#{
scope
}
_scope_authentication_abilities"
)
self
.
public_send
(
:"
#{
scope
}
_scope_authentication_abilities"
)
# rubocop:disable GitlabSecurity/PublicSend
end
.
flatten
.
uniq
end
...
...
lib/gitlab/cache/request_cache.rb
View file @
260c8da0
...
...
@@ -69,7 +69,7 @@ module Gitlab
instance_variable_set
(
ivar_name
,
{})
end
key
=
__send__
(
cache_key_method_name
,
args
)
key
=
__send__
(
cache_key_method_name
,
args
)
# rubocop:disable GitlabSecurity/PublicSend
store
.
fetch
(
key
)
{
store
[
key
]
=
super
(
*
args
)
}
end
...
...
lib/gitlab/diff/line_mapper.rb
View file @
260c8da0
...
...
@@ -38,7 +38,7 @@ module Gitlab
# - The first diff line with a higher line number, if it falls between diff contexts
# - The last known diff line, if it falls after the last diff context
diff_line
=
diff_lines
.
find
do
|
diff_line
|
diff_from_line
=
diff_line
.
send
(
from
)
diff_from_line
=
diff_line
.
public_send
(
from
)
# rubocop:disable GitlabSecurity/PublicSend
diff_from_line
&&
diff_from_line
>=
from_line
end
diff_line
||=
diff_lines
.
last
...
...
@@ -47,8 +47,8 @@ module Gitlab
# mapped line number is the same as the specified line number.
return
from_line
unless
diff_line
diff_from_line
=
diff_line
.
send
(
from
)
diff_to_line
=
diff_line
.
send
(
to
)
diff_from_line
=
diff_line
.
public_send
(
from
)
# rubocop:disable GitlabSecurity/PublicSend
diff_to_line
=
diff_line
.
public_send
(
to
)
# rubocop:disable GitlabSecurity/PublicSend
# If the line was removed, there is no mapped line number.
return
unless
diff_to_line
...
...
lib/gitlab/git/blob.rb
View file @
260c8da0
...
...
@@ -173,7 +173,7 @@ module Gitlab
def
initialize
(
options
)
%w(id name path size data mode commit_id binary)
.
each
do
|
key
|
self
.
send
(
"
#{
key
}
="
,
options
[
key
.
to_sym
])
self
.
__send__
(
"
#{
key
}
="
,
options
[
key
.
to_sym
])
# rubocop:disable GitlabSecurity/PublicSend
end
@loaded_all_data
=
false
...
...
lib/gitlab/git/tree.rb
View file @
260c8da0
...
...
@@ -89,7 +89,7 @@ module Gitlab
def
initialize
(
options
)
%w(id root_id name path type mode commit_id)
.
each
do
|
key
|
self
.
send
(
"
#{
key
}
="
,
options
[
key
.
to_sym
])
self
.
send
(
"
#{
key
}
="
,
options
[
key
.
to_sym
])
# rubocop:disable GitlabSecurity/PublicSend
end
end
...
...
lib/gitlab/gitaly_client.rb
View file @
260c8da0
...
...
@@ -55,7 +55,7 @@ module Gitlab
def
self
.
call
(
storage
,
service
,
rpc
,
request
)
metadata
=
request_metadata
(
storage
)
metadata
=
yield
(
metadata
)
if
block_given?
stub
(
service
,
storage
).
send
(
rpc
,
request
,
metadata
)
stub
(
service
,
storage
).
__send__
(
rpc
,
request
,
metadata
)
# rubocop:disable GitlabSecurity/PublicSend
end
def
self
.
request_metadata
(
storage
)
...
...
lib/gitlab/github_import/base_formatter.rb
View file @
260c8da0
...
...
@@ -11,7 +11,9 @@ module Gitlab
end
def
create!
project
.
public_send
(
project_association
).
find_or_create_by!
(
find_condition
)
do
|
record
|
association
=
project
.
public_send
(
project_association
)
# rubocop:disable GitlabSecurity/PublicSend
association
.
find_or_create_by!
(
find_condition
)
do
|
record
|
record
.
attributes
=
attributes
end
end
...
...
lib/gitlab/github_import/client.rb
View file @
260c8da0
...
...
@@ -120,7 +120,7 @@ module Gitlab
def
request
(
method
,
*
args
,
&
block
)
sleep
rate_limit_sleep_time
if
rate_limit_exceed?
data
=
api
.
send
(
method
,
*
args
)
data
=
api
.
__send__
(
method
,
*
args
)
# rubocop:disable GitlabSecurity/PublicSend
return
data
unless
data
.
is_a?
(
Array
)
last_response
=
api
.
last_response
...
...
lib/gitlab/github_import/importer.rb
View file @
260c8da0
...
...
@@ -289,7 +289,7 @@ module Gitlab
opts
.
last
[
:page
]
=
current_page
(
resource_type
)
client
.
public_send
(
resource_type
,
*
opts
)
do
|
resources
|
client
.
public_send
(
resource_type
,
*
opts
)
do
|
resources
|
# rubocop:disable GitlabSecurity/PublicSend
yield
resources
increment_page
(
resource_type
)
end
...
...
lib/gitlab/lazy.rb
View file @
260c8da0
...
...
@@ -16,7 +16,7 @@ module Gitlab
def
method_missing
(
name
,
*
args
,
&
block
)
__evaluate__
@result
.
__send__
(
name
,
*
args
,
&
block
)
@result
.
__send__
(
name
,
*
args
,
&
block
)
# rubocop:disable GitlabSecurity/PublicSend
end
def
respond_to_missing?
(
name
,
include_private
=
false
)
...
...
lib/gitlab/ldap/person.rb
View file @
260c8da0
...
...
@@ -32,7 +32,7 @@ module Gitlab
end
def
uid
entry
.
send
(
config
.
uid
).
first
entry
.
public_send
(
config
.
uid
).
first
# rubocop:disable GitlabSecurity/PublicSend
end
def
username
...
...
@@ -65,7 +65,7 @@ module Gitlab
return
nil
unless
selected_attr
entry
.
public_send
(
selected_attr
)
entry
.
public_send
(
selected_attr
)
# rubocop:disable GitlabSecurity/PublicSend
end
end
end
...
...
lib/gitlab/markdown/pipeline.rb
View file @
260c8da0
...
...
@@ -23,7 +23,7 @@ module Gitlab
define_method
(
meth
)
do
|
text
,
context
|
context
=
transform_context
(
context
)
html_pipeline
.
send
(
meth
,
text
,
context
)
html_pipeline
.
__send__
(
meth
,
text
,
context
)
# rubocop:disable GitlabSecurity/PublicSend
end
end
end
...
...
lib/uploaded_file.rb
View file @
260c8da0
...
...
@@ -27,7 +27,7 @@ class UploadedFile
alias_method
:local_path
,
:path
def
method_missing
(
method_name
,
*
args
,
&
block
)
#:nodoc:
@tempfile
.
__send__
(
method_name
,
*
args
,
&
block
)
@tempfile
.
__send__
(
method_name
,
*
args
,
&
block
)
# rubocop:disable GitlabSecurity/PublicSend
end
def
respond_to?
(
method_name
,
include_private
=
false
)
#:nodoc:
...
...
qa/qa/runtime/release.rb
View file @
260c8da0
...
...
@@ -21,7 +21,7 @@ module QA
end
def
self
.
method_missing
(
name
,
*
args
)
self
.
new
.
strategy
.
public_send
(
name
,
*
args
)
self
.
new
.
strategy
.
public_send
(
name
,
*
args
)
# rubocop:disable GitlabSecurity/PublicSend
end
end
end
...
...
spec/lib/file_size_validator_spec.rb
View file @
260c8da0
...
...
@@ -24,13 +24,13 @@ describe FileSizeValidator do
describe
'options uses a symbol'
do
let
(
:options
)
do
{
maximum: :
test
,
maximum: :
max_attachment_size
,
attributes:
{
attachment:
attachment
}
}
end
before
do
allow
(
note
).
to
receive
(
:test
)
{
10
}
expect
(
note
).
to
receive
(
:max_attachment_size
)
{
10
}
end
it
'attachment exceeds maximum limit'
do
...
...
spec/models/protectable_dropdown_spec.rb
View file @
260c8da0
...
...
@@ -4,6 +4,13 @@ describe ProtectableDropdown do
let
(
:project
)
{
create
(
:project
,
:repository
)
}
let
(
:subject
)
{
described_class
.
new
(
project
,
:branches
)
}
describe
'initialize'
do
it
'raises ArgumentError for invalid ref type'
do
expect
{
described_class
.
new
(
double
,
:foo
)
}
.
to
raise_error
(
ArgumentError
,
"invalid ref type `foo`"
)
end
end
describe
'#protectable_ref_names'
do
before
do
project
.
protected_branches
.
create
(
name:
'master'
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment