Skip to content
Snippets Groups Projects
Commit 93612912 authored by Serena Fang's avatar Serena Fang Committed by Alexandru Croitor
Browse files

Return if FIPS enabled

Changelog: changed
parent b1f29251
No related branches found
No related tags found
1 merge request!91532Disable Gravatar if FIPS enabled
Showing with 49 additions and 40 deletions
......@@ -2,6 +2,7 @@
class GravatarService
def execute(email, size = nil, scale = 2, username: nil)
return if Gitlab::FIPS.enabled?
return unless Gitlab::CurrentSettings.gravatar_enabled?
identifier = email.presence || username.presence
......
......@@ -6,7 +6,7 @@
"properties" : {
"id": { "type": "integer" },
"state": { "type": "string" },
"avatar_url": { "type": "string" },
"avatar_url": { "type": [ "string", "null" ] },
"path": { "type": "string" },
"name": { "type": "string" },
"username": { "type": "string" },
......
......@@ -15,7 +15,7 @@
"properties" : {
"id": { "type": "integer" },
"state": { "type": "string" },
"avatar_url": { "type": "string" },
"avatar_url": { "type": [ "string", "null" ] },
"web_url": { "type": "string" },
"path": { "type": "string" },
"name": { "type": "string" },
......
......@@ -11,7 +11,7 @@
"author"
],
"properties": {
"author_gravatar_url": { "type": "string" },
"author_gravatar_url": { "type": [ "string", "null" ] },
"commit_url": { "type": "string" },
"commit_path": { "type": "string" },
"author": {
......
......@@ -5,7 +5,7 @@
"id": { "type": "integer" },
"login": { "type": "string" },
"url": { "type": "string" },
"avatar_url": { "type": "string" },
"avatar_url": { "type": [ "string", "null" ] },
"html_url": { "type": "string" }
},
"additionalProperties": false
......
......@@ -62,7 +62,7 @@
"required": ["email", "avatar_url", "can_resend", "user_state"],
"properties": {
"email": { "type": "string" },
"avatar_url": { "type": "string" },
"avatar_url": { "type": [ "string", "null" ] },
"can_resend": { "type": "boolean" },
"user_state": { "type": "string" }
},
......
......@@ -11,7 +11,7 @@
"properties": {
"id": { "type": "integer" },
"state": { "type": "string" },
"avatar_url": { "type": "string" },
"avatar_url": { "type": [ "string", "null" ] },
"path": { "type": "string" },
"name": { "type": "string" },
"username": { "type": "string" },
......
......@@ -12,7 +12,7 @@
"properties": {
"id": { "type": "integer" },
"state": { "type": "string" },
"avatar_url": { "type": "string" },
"avatar_url": { "type": [ "string", "null" ] },
"web_url": { "type": "string" },
"path": { "type": "string" },
"name": { "type": "string" },
......
......@@ -13,7 +13,7 @@
"name": { "type": "string" },
"username": { "type": "string" },
"state": { "type": "string" },
"avatar_url": { "type": "string" },
"avatar_url": { "type": [ "string", "null" ] },
"web_url": { "type": "string" }
}
}
......@@ -39,7 +39,7 @@
"type": "string",
"enum": ["active", "blocked"]
},
"avatar_url": { "type": "string" },
"avatar_url": { "type": [ "string", "null" ] },
"web_url": { "type": "string" },
"created_at": { "type": "string", "format": "date-time" },
"bio": { "type": ["string", "null"] },
......
......@@ -221,48 +221,56 @@
stub_application_setting(gravatar_enabled?: true)
end
it 'returns a generic avatar when email is blank' do
expect(helper.gravatar_icon('')).to match_asset_path(described_class::DEFAULT_AVATAR_PATH)
end
context 'with FIPS not enabled', fips_mode: false do
it 'returns a generic avatar when email is blank' do
expect(helper.gravatar_icon('')).to match_asset_path(described_class::DEFAULT_AVATAR_PATH)
end
it 'returns a valid Gravatar URL' do
stub_config_setting(https: false)
it 'returns a valid Gravatar URL' do
stub_config_setting(https: false)
expect(helper.gravatar_icon(user_email))
.to match('https://www.gravatar.com/avatar/b58c6f14d292556214bd64909bcdb118')
end
expect(helper.gravatar_icon(user_email))
.to match('https://www.gravatar.com/avatar/b58c6f14d292556214bd64909bcdb118')
end
it 'uses HTTPs when configured' do
stub_config_setting(https: true)
it 'uses HTTPs when configured' do
stub_config_setting(https: true)
expect(helper.gravatar_icon(user_email))
.to match('https://secure.gravatar.com')
end
expect(helper.gravatar_icon(user_email))
.to match('https://secure.gravatar.com')
end
it 'returns custom gravatar path when gravatar_url is set' do
stub_gravatar_setting(plain_url: 'http://example.local/?s=%{size}&hash=%{hash}')
it 'returns custom gravatar path when gravatar_url is set' do
stub_gravatar_setting(plain_url: 'http://example.local/?s=%{size}&hash=%{hash}')
expect(gravatar_icon(user_email, 20))
.to eq('http://example.local/?s=40&hash=b58c6f14d292556214bd64909bcdb118')
end
expect(gravatar_icon(user_email, 20))
.to eq('http://example.local/?s=40&hash=b58c6f14d292556214bd64909bcdb118')
end
it 'accepts a custom size argument' do
expect(helper.gravatar_icon(user_email, 64)).to include '?s=128'
end
it 'accepts a custom size argument' do
expect(helper.gravatar_icon(user_email, 64)).to include '?s=128'
end
it 'defaults size to 40@2x when given an invalid size' do
expect(helper.gravatar_icon(user_email, nil)).to include '?s=80'
end
it 'defaults size to 40@2x when given an invalid size' do
expect(helper.gravatar_icon(user_email, nil)).to include '?s=80'
end
it 'accepts a scaling factor' do
expect(helper.gravatar_icon(user_email, 40, 3)).to include '?s=120'
end
it 'accepts a scaling factor' do
expect(helper.gravatar_icon(user_email, 40, 3)).to include '?s=120'
end
it 'ignores case and surrounding whitespace' do
normal = helper.gravatar_icon('foo@example.com')
upcase = helper.gravatar_icon(' FOO@EXAMPLE.COM ')
it 'ignores case and surrounding whitespace' do
normal = helper.gravatar_icon('foo@example.com')
upcase = helper.gravatar_icon(' FOO@EXAMPLE.COM ')
expect(normal).to eq upcase
expect(normal).to eq upcase
end
end
context 'with FIPS enabled', :fips_mode do
it 'returns a generic avatar' do
expect(helper.gravatar_icon(user_email)).to match_asset_path(described_class::DEFAULT_AVATAR_PATH)
end
end
end
end
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment