1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-15 10:00:55 +01:00
phorge-phorge/resources/sql/autopatches/20160110.repo.01.slug.sql
epriestley 0b3d10c3da Enforce sensible, unique clone/checkout names for repositories
Summary:
Fixes T7938.

  - Primarily, users can currently shoot themselves in the foot by putting `../../etc/passwd` and other similar nonsense in these fields (this is not dangerous, but also does not work). Require sensible names.
  - Enforce uniqueness so these names can be used in URIs and as identifiers in the future.
  - (This doesn't start actually using them for anything fancy yet.)

Test Plan:
  - Gave several repositories clone names: a valid name, two duplicate names, an invalid, name, some with no names.
  - Ran migrations.
  - Got clean conversion for valid names, appropriate errors for invalid/duplicate names.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T7938

Differential Revision: https://secure.phabricator.com/D14986
2016-01-11 02:06:44 -08:00

5 lines
199 B
SQL

ALTER TABLE {$NAMESPACE}_repository.repository
ADD repositorySlug VARCHAR(64) COLLATE {$COLLATE_SORT};
ALTER TABLE {$NAMESPACE}_repository.repository
ADD UNIQUE KEY `key_slug` (repositorySlug);