taiga
/
taiga-back
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Adding ips validation

remotes/origin/enhancement/email-actions
Jesús Espino 2014-11-28 13:37:18 +01:00 committed by David Barragán Merino
parent bb8a2d2528
commit 02400be2a1
3 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
settings/common.py
View File

@ -360,6 +360,7 @@ PROJECT_MODULES_CONFIGURATORS = {
} }
BITBUCKET_VALID_ORIGIN_IPS = ["131.103.20.165", "131.103.20.166"] BITBUCKET_VALID_ORIGIN_IPS = ["131.103.20.165", "131.103.20.166"]
GITLAB_VALID_ORIGIN_IPS = []
# NOTE: DON'T INSERT MORE SETTINGS AFTER THIS LINE # NOTE: DON'T INSERT MORE SETTINGS AFTER THIS LINE
TEST_RUNNER="django.test.runner.DiscoverRunner" TEST_RUNNER="django.test.runner.DiscoverRunner"

5
taiga/hooks/gitlab/api.py
View File

@ -48,6 +48,11 @@ class GitLabViewSet(BaseWebhookApiViewSet):
if not project_secret: if not project_secret:
return False return False
valid_origin_ips = project.modules_config.config.get("bitbucket", {}).get("valid_origin_ips", settings.GITLAB_VALID_ORIGIN_IPS)
origin_ip = get_real_ip(request)
if not origin_ip or not origin_ip in valid_origin_ips:
return False
return project_secret == secret_key return project_secret == secret_key
def _get_project(self, request): def _get_project(self, request):

5
taiga/hooks/gitlab/services.py
View File

@ -27,7 +27,10 @@ def get_or_generate_config(project):
if config and "gitlab" in config: if config and "gitlab" in config:
g_config = project.modules_config.config["gitlab"] g_config = project.modules_config.config["gitlab"]
else: else:
g_config = {"secret": uuid.uuid4().hex } g_config = {
"secret": uuid.uuid4().hex
"valid_origin_ips": settings.GITLAB_VALID_ORIGIN_IPS,
}
url = reverse("gitlab-hook-list") url = reverse("gitlab-hook-list")
url = get_absolute_url(url) url = get_absolute_url(url)