Commit f548511c authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'improve-git-update' into 'master'

Improve Git Update
parents e294b344 84c5f49d
...@@ -6,14 +6,27 @@ require_relative 'gitlab_config' ...@@ -6,14 +6,27 @@ require_relative 'gitlab_config'
require_relative 'gitlab_logger' require_relative 'gitlab_logger'
class GitlabNet class GitlabNet
def allowed?(cmd, repo, key, ref) def allowed?(cmd, repo, actor, ref, oldrev = nil, newrev = nil)
project_name = repo.gsub("'", "") project_name = repo.gsub("'", "")
project_name = project_name.gsub(/\.git\Z/, "") project_name = project_name.gsub(/\.git\Z/, "")
project_name = project_name.gsub(/\A\//, "") project_name = project_name.gsub(/\A\//, "")
key_id = key.gsub("key-", "") params = {
action: cmd,
ref: ref,
project: project_name,
}
params.merge!(oldrev: oldrev) if oldrev
params.merge!(newrev: newrev) if newrev
if actor =~ /\Akey\-\d+\Z/
params.merge!(key_id: actor.gsub("key-", ""))
elsif actor =~ /\Auser\-\d+\Z/
params.merge!(user_id: actor.gsub("user-", ""))
end
url = "#{host}/allowed?key_id=#{key_id}&action=#{cmd}&ref=#{ref}&project=#{project_name}" url = "#{host}/allowed?" + URI.encode_www_form(params)
resp = get(url) resp = get(url)
!!(resp.code == '200' && resp.body == 'true') !!(resp.code == '200' && resp.body == 'true')
......
...@@ -5,7 +5,7 @@ require 'json' ...@@ -5,7 +5,7 @@ require 'json'
class GitlabUpdate class GitlabUpdate
attr_reader :config attr_reader :config
def initialize(repo_path, key_id, refname) def initialize(repo_path, actor, refname)
@config = GitlabConfig.new @config = GitlabConfig.new
@repo_path = repo_path.strip @repo_path = repo_path.strip
...@@ -14,7 +14,7 @@ class GitlabUpdate ...@@ -14,7 +14,7 @@ class GitlabUpdate
@repo_name.gsub!(/\.git$/, "") @repo_name.gsub!(/\.git$/, "")
@repo_name.gsub!(/^\//, "") @repo_name.gsub!(/^\//, "")
@key_id = key_id @actor = actor
@refname = refname @refname = refname
@branch_name = /refs\/heads\/([\/\w\.-]+)/.match(refname).to_a.last @branch_name = /refs\/heads\/([\/\w\.-]+)/.match(refname).to_a.last
...@@ -27,20 +27,13 @@ class GitlabUpdate ...@@ -27,20 +27,13 @@ class GitlabUpdate
# get value from it # get value from it
ENV['GL_ID'] = nil ENV['GL_ID'] = nil
# If its push over ssh if api.allowed?('git-receive-pack', @repo_name, @actor, @branch_name, @oldrev, @newrev)
# we need to check user permission per branch first
if ssh?
if api.allowed?('git-receive-pack', @repo_name, @key_id, @branch_name)
update_redis update_redis
exit 0 exit 0
else else
puts "GitLab: You are not allowed to access #{@branch_name}!" puts "GitLab: You are not allowed to access #{@branch_name}!"
exit 1 exit 1
end end
else
update_redis
exit 0
end
end end
protected protected
...@@ -49,13 +42,9 @@ class GitlabUpdate ...@@ -49,13 +42,9 @@ class GitlabUpdate
GitlabNet.new GitlabNet.new
end end
def ssh?
@key_id =~ /\Akey\-\d+\Z/
end
def update_redis def update_redis
queue = "#{config.redis_namespace}:queue:post_receive" queue = "#{config.redis_namespace}:queue:post_receive"
msg = JSON.dump({'class' => 'PostReceive', 'args' => [@repo_path, @oldrev, @newrev, @refname, @key_id]}) msg = JSON.dump({'class' => 'PostReceive', 'args' => [@repo_path, @oldrev, @newrev, @refname, @actor]})
unless system(*config.redis_command, 'rpush', queue, msg, err: '/dev/null', out: '/dev/null') unless system(*config.redis_command, 'rpush', queue, msg, err: '/dev/null', out: '/dev/null')
puts "GitLab: An unexpected error occurred (redis-cli returned #{$?.exitstatus})." puts "GitLab: An unexpected error occurred (redis-cli returned #{$?.exitstatus})."
exit 1 exit 1
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment