nixpkgs/pkgs/applications/version-management/gitlab/reset_token.rake
Franz Pletz 219e91b4c6
gitlab: add rake task to delete tokens
The information disclosure was caued by CVE-2017-0882.
2017-03-21 13:16:54 +01:00

43 lines
1 KiB
Ruby

# Taken from:
# https://about.gitlab.com/2017/03/20/gitlab-8-dot-17-dot-4-security-release/
# lib/tasks/reset_token.rake
require_relative '../../app/models/concerns/token_authenticatable.rb'
STDOUT.sync = true
namespace :tokens do
desc "Reset all GitLab user auth tokens"
task reset_all: :environment do
reset_all_users_token(:reset_authentication_token!)
end
desc "Reset all GitLab email tokens"
task reset_all_email: :environment do
reset_all_users_token(:reset_incoming_email_token!)
end
def reset_all_users_token(token)
TmpUser.find_in_batches do |batch|
puts "Processing batch starting with user ID: #{batch.first.id}"
batch.each(&token)
end
end
end
class TmpUser < ActiveRecord::Base
include TokenAuthenticatable
self.table_name = 'users'
def reset_authentication_token!
write_new_token(:authentication_token)
save!(validate: false)
end
def reset_incoming_email_token!
write_new_token(:incoming_email_token)
save!(validate: false)
end
end