From 4b2d9b8a558190f8ccc51cfe67f5e151f2c3342b Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Sun, 10 May 2020 18:18:12 +0200 Subject: [PATCH] Reset secret of web app that could have been exposed by Doorkeeper (#13688) There are no obvious ways it could be misused, as the secret is not really used for anything, but it is best to secure it for the future Follow-up to #13613 --- db/migrate/20200510110808_reset_web_app_secret.rb | 15 +++++++++++++++ db/schema.rb | 2 +- 2 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 db/migrate/20200510110808_reset_web_app_secret.rb diff --git a/db/migrate/20200510110808_reset_web_app_secret.rb b/db/migrate/20200510110808_reset_web_app_secret.rb new file mode 100644 index 00000000000..b274844c585 --- /dev/null +++ b/db/migrate/20200510110808_reset_web_app_secret.rb @@ -0,0 +1,15 @@ +class ResetWebAppSecret < ActiveRecord::Migration[5.2] + disable_ddl_transaction! + + def up + web_app = Doorkeeper::Application.find_by(superapp: true) + + return if web_app.nil? + + web_app.renew_secret + web_app.save! + end + + def down + end +end diff --git a/db/schema.rb b/db/schema.rb index 08a2335ee2a..31f0c96bc06 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 2020_05_08_212852) do +ActiveRecord::Schema.define(version: 2020_05_10_110808) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql"