debian-mirror-gitlab/app/services/protected_branches/base_service.rb
2021-12-07 22:27:20 +05:30

35 lines
858 B
Ruby

# frozen_string_literal: true
module ProtectedBranches
class BaseService < ::BaseService
# current_user - The user that performs the action
# params - A hash of parameters
def initialize(project, current_user = nil, params = {})
@project = project
@current_user = current_user
@params = params
end
def after_execute(*)
# overridden in EE::ProtectedBranches module
end
def filtered_params
return unless params
params[:name] = sanitize_branch_name(params[:name]) if params[:name].present?
params
end
private
def sanitize_branch_name(name)
name = CGI.unescapeHTML(name)
name = Sanitize.fragment(name)
# Sanitize.fragment escapes HTML chars, so unescape again to allow names
# like `feature->master`
CGI.unescapeHTML(name)
end
end
end