Commit b6da7348 authored Jan 14, 2013 by Dmitriy Zaporozhets
Merge pull request #2584 from jasl8r/public-grack-clone
Public HTTP clones and remove auth request for public projects
parents eff6d3c1 80b8921a
Showing 1 changed file with 48 additions and 20 deletions
lib/gitlab/backend/grack_auth.rb
View file @
b6da7348
...
@@ -2,30 +2,42 @@ module Grack
...
@@ -2,30 +2,42 @@ module Grack
class
Auth
<
Rack
::
Auth
::
Basic
class
Auth
<
Rack
::
Auth
::
Basic
attr_accessor
:user
,
:project
attr_accessor
:user
,
:project
def
valid?
def
call
(
env
)
# Find project by PATH_INFO from env
@env
=
env
if
m
=
/^\/([\w\.\/-]+)\.git/
.
match
(
@request
.
path_info
).
to_a
@request
=
Rack
::
Request
.
new
(
env
)
self
.
project
=
Project
.
find_with_namespace
(
m
.
last
)
@auth
=
Request
.
new
(
env
)
return
false
unless
project
end
if
@request
.
get?
&&
project
.
public
# Pass Gitolite update hook
return
true
ENV
[
'GL_BYPASS_UPDATE_HOOK'
]
=
"true"
end
# Authentication with username and password
# Need this patch due to the rails mount
login
,
password
=
@auth
.
credentials
@env
[
'PATH_INFO'
]
=
@request
.
path
@env
[
'SCRIPT_NAME'
]
=
""
self
.
user
=
User
.
find_by_email
(
login
)
||
User
.
find_by_username
(
login
)
return
render_not_found
unless
project
return
unauthorized
unless
project
.
public
||
@auth
.
provided?
return
bad_request
if
@auth
.
provided?
&&
!
@auth
.
basic?
return
false
unless
user
.
try
(
:valid_password?
,
password
)
if
valid?
if
@auth
.
provided?
@env
[
'REMOTE_USER'
]
=
@auth
.
username
end
return
@app
.
call
(
env
)
else
unauthorized
end
end
email
=
user
.
email
def
valid?
if
@auth
.
provided?
# Authentication with username and password
login
,
password
=
@auth
.
credentials
self
.
user
=
User
.
find_by_email
(
login
)
||
User
.
find_by_username
(
login
)
return
false
unless
user
.
try
(
:valid_password?
,
password
)
# Set GL_USER env variable
# Set GL_USER env variable
ENV
[
'GL_USER'
]
=
email
ENV
[
'GL_USER'
]
=
user
.
email
# Pass Gitolite update hook
end
ENV
[
'GL_BYPASS_UPDATE_HOOK'
]
=
"true"
# Git upload and receive
# Git upload and receive
if
@request
.
get?
if
@request
.
get?
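Review bot: in `call`, `return render_not_found unless project` runs before `return unauthorized unless project.public || @auth.provided?`, so a client that sends no credentials gets 404 for a path with no project and 401 for a private one, which reveals which private project paths exist. Consider returning `unauthorized` in both cases when no credentials were provided, and 404 only after the caller has authenticated. Separately, `ENV['GL_USER'] = user.email` in `valid?` is now inside `if @auth.provided?`; `ENV` is process-wide, so an anonymous request to a public project runs with whatever value an earlier request left there. Clearing it at the top of `call`, for example with `ENV.delete('GL_USER')`, would avoid that.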
...
@@ -38,12 +50,12 @@ module Grack
...
@@ -38,12 +50,12 @@ module Grack
end
end
def
validate_get_request
def
validate_get_request
can?
(
user
,
:download_code
,
project
)
project
.
public
||
can?
(
user
,
:download_code
,
project
)
end
end
def
validate_post_request
def
validate_post_request
if
@request
.
path_info
.
end_with?
(
'git-upload-pack'
)
if
@request
.
path_info
.
end_with?
(
'git-upload-pack'
)
can?
(
user
,
:download_code
,
project
)
project
.
public
||
can?
(
user
,
:download_code
,
project
)
elsif
@request
.
path_info
.
end_with?
(
'git-receive-pack'
)
elsif
@request
.
path_info
.
end_with?
(
'git-receive-pack'
)
action
=
if
project
.
protected_branch?
(
current_ref
)
action
=
if
project
.
protected_branch?
(
current_ref
)
:push_code_to_protected_branches
:push_code_to_protected_branches
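Review bot: the `project.public ||` shortcut is repeated in `validate_get_request` and in the `git-upload-pack` branch of `validate_post_request`; a small helper (say `can_download?`) would keep the two read paths from drifting apart. With anonymous requests now allowed through for public projects, the `git-receive-pack` branch can also be reached with `user` unset. The lines visible here do not show how the chosen `action` is checked, so please confirm that check denies a nil user and add a spec for an anonymous push to a public project.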
...
@@ -72,6 +84,22 @@ module Grack
...
@@ -72,6 +84,22 @@ module Grack
/refs\/heads\/([\w\.-]+)/
.
match
(
input
).
to_a
.
first
/refs\/heads\/([\w\.-]+)/
.
match
(
input
).
to_a
.
first
end
end
def
project
unless
instance_variable_defined?
:@project
# Find project by PATH_INFO from env
if
m
=
/^\/([\w\.\/-]+)\.git/
.
match
(
@request
.
path_info
).
to_a
@project
=
Project
.
find_with_namespace
(
m
.
last
)
end
end
return
@project
end
PLAIN_TYPE
=
{
"Content-Type"
=>
"text/plain"
}
def
render_not_found
[
404
,
PLAIN_TYPE
,
[
"Not Found"
]]
end
protected
protected
def
abilities
def
abilities
...
...
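Review bot: in the new `project` method, `if m = /^\/([\w\.\/-]+)\.git/.match(@request.path_info).to_a` is always true, because a failed match gives `nil.to_a`, which is `[]`, and an empty array is truthy in Ruby. For a path that does not match, `m.last` is nil and `Project.find_with_namespace(nil)` is still called. Dropping `.to_a` and using `m[1]` inside the `if` would make the guard do what it reads as. Note also that this method replaces the reader generated by `attr_accessor :user, :project`, and that `render_not_found` is defined above `protected`, so it is public; moving it below `protected` would match its use as an internal helper.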