BigW Consortium Gitlab
Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gitlab-ce
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Forest Godfrey
gitlab-ce
Commits
567a25b6
Commit
567a25b6
authored
Jun 13, 2015
by
Robert Speicher
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Ensure `session_expire_delay` field exists before accessing it
Closes #1798
parent
89b56c81
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
12 additions
and
13 deletions
+12
-13
application_setting.rb
app/models/application_setting.rb
+4
-4
session_store.rb
config/initializers/session_store.rb
+4
-5
schema.rb
db/schema.rb
+4
-4
No files found.
app/models/application_setting.rb
View file @
567a25b6
...
@@ -27,10 +27,10 @@ class ApplicationSetting < ActiveRecord::Base
...
@@ -27,10 +27,10 @@ class ApplicationSetting < ActiveRecord::Base
serialize
:restricted_visibility_levels
serialize
:restricted_visibility_levels
serialize
:restricted_signup_domains
,
Array
serialize
:restricted_signup_domains
,
Array
attr_accessor
:restricted_signup_domains_raw
attr_accessor
:restricted_signup_domains_raw
validates
:session_expire_delay
,
validates
:session_expire_delay
,
presence:
true
,
presence:
true
,
numericality:
{
only_integer:
true
,
greater_than_or_equal_to:
0
}
numericality:
{
only_integer:
true
,
greater_than_or_equal_to:
0
}
validates
:home_page_url
,
validates
:home_page_url
,
allow_blank:
true
,
allow_blank:
true
,
...
...
config/initializers/session_store.rb
View file @
567a25b6
# Be sure to restart your server when you modify this file.
# Be sure to restart your server when you modify this file.
if
ActiveRecord
::
Base
.
connection
.
active?
&&
ActiveRecord
::
Base
.
connection
.
table_exists?
(
'application_settings'
)
require
'gitlab/current_settings'
Settings
.
gitlab
[
'session_expire_delay'
]
=
ApplicationSetting
.
current
.
session_expire_delay
include
Gitlab
::
CurrentSettings
end
Settings
.
gitlab
[
'session_expire_delay'
]
=
current_application_settings
.
session_expire_delay
Gitlab
::
Application
.
config
.
session_store
(
Gitlab
::
Application
.
config
.
session_store
(
:redis_store
,
# Using the cookie_store would enable session replay attacks.
:redis_store
,
# Using the cookie_store would enable session replay attacks.
...
@@ -12,4 +12,4 @@ Gitlab::Application.config.session_store(
...
@@ -12,4 +12,4 @@ Gitlab::Application.config.session_store(
httponly:
true
,
httponly:
true
,
expire_after:
Settings
.
gitlab
[
'session_expire_delay'
]
*
60
,
expire_after:
Settings
.
gitlab
[
'session_expire_delay'
]
*
60
,
path:
(
Rails
.
application
.
config
.
relative_url_root
.
nil?
)
?
'/'
:
Rails
.
application
.
config
.
relative_url_root
path:
(
Rails
.
application
.
config
.
relative_url_root
.
nil?
)
?
'/'
:
Rails
.
application
.
config
.
relative_url_root
)
)
\ No newline at end of file
db/schema.rb
View file @
567a25b6
...
@@ -11,7 +11,7 @@
...
@@ -11,7 +11,7 @@
#
#
# It's strongly recommended that you check this file into your version control system.
# It's strongly recommended that you check this file into your version control system.
ActiveRecord
::
Schema
.
define
(
version:
2015060
42029
21
)
do
ActiveRecord
::
Schema
.
define
(
version:
2015060
91411
21
)
do
# These are extensions that must be enabled in order to support this database
# These are extensions that must be enabled in order to support this database
enable_extension
"plpgsql"
enable_extension
"plpgsql"
...
@@ -29,13 +29,13 @@ ActiveRecord::Schema.define(version: 20150604202921) do
...
@@ -29,13 +29,13 @@ ActiveRecord::Schema.define(version: 20150604202921) do
t
.
boolean
"twitter_sharing_enabled"
,
default:
true
t
.
boolean
"twitter_sharing_enabled"
,
default:
true
t
.
text
"restricted_visibility_levels"
t
.
text
"restricted_visibility_levels"
t
.
boolean
"version_check_enabled"
,
default:
true
t
.
boolean
"version_check_enabled"
,
default:
true
t
.
integer
"max_attachment_size"
,
default:
10
,
null:
false
t
.
integer
"max_attachment_size"
,
default:
10
,
null:
false
t
.
integer
"default_project_visibility"
t
.
integer
"default_project_visibility"
t
.
integer
"default_snippet_visibility"
t
.
integer
"default_snippet_visibility"
t
.
text
"restricted_signup_domains"
t
.
text
"restricted_signup_domains"
t
.
boolean
"user_oauth_applications"
,
default:
true
t
.
boolean
"user_oauth_applications"
,
default:
true
t
.
string
"after_sign_out_path"
t
.
string
"after_sign_out_path"
t
.
integer
"session_expire_delay"
,
default:
10080
,
null:
false
t
.
integer
"session_expire_delay"
,
default:
10080
,
null:
false
end
end
create_table
"broadcast_messages"
,
force:
true
do
|
t
|
create_table
"broadcast_messages"
,
force:
true
do
|
t
|
...
@@ -496,12 +496,12 @@ ActiveRecord::Schema.define(version: 20150604202921) do
...
@@ -496,12 +496,12 @@ ActiveRecord::Schema.define(version: 20150604202921) do
t
.
string
"bitbucket_access_token"
t
.
string
"bitbucket_access_token"
t
.
string
"bitbucket_access_token_secret"
t
.
string
"bitbucket_access_token_secret"
t
.
string
"location"
t
.
string
"location"
t
.
string
"public_email"
,
default:
""
,
null:
false
t
.
string
"encrypted_otp_secret"
t
.
string
"encrypted_otp_secret"
t
.
string
"encrypted_otp_secret_iv"
t
.
string
"encrypted_otp_secret_iv"
t
.
string
"encrypted_otp_secret_salt"
t
.
string
"encrypted_otp_secret_salt"
t
.
boolean
"otp_required_for_login"
t
.
boolean
"otp_required_for_login"
t
.
text
"otp_backup_codes"
t
.
text
"otp_backup_codes"
t
.
string
"public_email"
,
default:
""
,
null:
false
end
end
add_index
"users"
,
[
"admin"
],
name:
"index_users_on_admin"
,
using: :btree
add_index
"users"
,
[
"admin"
],
name:
"index_users_on_admin"
,
using: :btree
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment