dkam/clinch
1
0
Fork 0
Code Issues 2 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Add sentry, set csp reporting API

Browse Source
This commit is contained in:
Dan Milne
2025-11-04 22:58:32 +11:00
parent 4f5974dd37
commit 2b15aa2c40
8 changed files with 40 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/controllers/admin/applications_controller.rb
View File

@@ -100,7 +100,10 @@ module Admin
params.require(:application).permit(
:name, :slug, :app_type, :active, :redirect_uris, :description, :metadata,
:domain_pattern, :landing_url, headers_config: {}
)
).tap do |whitelisted|
# Remove client_secret from params if present (shouldn't be updated via form)
whitelisted.delete(:client_secret)
end
end
end
end

2
app/models/application.rb
View File

@@ -13,7 +13,7 @@ class Application < ApplicationRecord
validates :app_type, presence: true,
inclusion: { in: %w[oidc forward_auth] }
validates :client_id, uniqueness: { allow_nil: true }
validates :client_secret, presence: true, if: -> { oidc? && new_record? }
validates :client_secret, presence: true, on: :create, if: -> { oidc? }
validates :domain_pattern, presence: true, uniqueness: { case_sensitive: false }, if: :forward_auth?
validates :landing_url, format: { with: URI::regexp(%w[http https]), allow_nil: true, message: "must be a valid URL" }