Add guard for nil merge_request_diff.id
What does this MR do?
There's a somewhat obscure and rare case were @merge_request_diff
can be a newly created and unsaved MergeRequestDiff
object, which will exist for the purposes of the original guard, but will not have an id
yet, and the code immediately following this guard relies on id
being !nil?
. Further testing on the frontend with @jboyson shows that even if we made it through this method without error, the frontend code has no idea what to do with a data blob that has an empty MergeRequestDiff
object in it.
Screenshots
Does this MR meet the acceptance criteria?
Conformity
- [-] Changelog entry
- [-] Documentation (if required)
-
Code review guidelines -
Merge request performance guidelines -
Style guides - [-] Database guides
- [-] Separation of EE specific content
Availability and Testing
-
Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process. - [-] Tested in all supported browsers
- [-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done
Security
If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:
- [-] Label as security and @ mention
@gitlab-com/gl-security/appsec
- [-] The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
- [-] Security reports checked/validated by a reviewer from the AppSec team
Edited by Mayra Cabrera