Fix access to the wiki code via HTTP when repository feature disabled

parent b55c1bc4
......@@ -109,12 +109,14 @@ class Projects::GitHttpClientController < Projects::ApplicationController
end
def repository
wiki? ? project.wiki.repository : project.repository
end
def wiki?
return @wiki if defined?(@wiki)
_, suffix = project_id_with_suffix
if suffix == '.wiki.git'
project.wiki.repository
else
project.repository
end
@wiki = suffix == '.wiki.git'
end
def render_not_found
......
......@@ -84,7 +84,7 @@ class Projects::GitHttpController < Projects::GitHttpClientController
end
def access
@access ||= Gitlab::GitAccess.new(user, project, 'http', authentication_abilities: authentication_abilities)
@access ||= access_klass.new(user, project, 'http', authentication_abilities: authentication_abilities)
end
def access_check
......@@ -102,4 +102,8 @@ class Projects::GitHttpController < Projects::GitHttpClientController
access_check.allowed?
end
def access_klass
@access_klass ||= wiki? ? Gitlab::GitAccessWiki : Gitlab::GitAccess
end
end
......@@ -55,6 +55,28 @@ describe 'Git HTTP requests', lib: true do
expect(response.content_type.to_s).to eq(Gitlab::Workhorse::INTERNAL_API_CONTENT_TYPE)
end
end
context 'but the repo is disabled' do
let(:project) { create(:project, repository_access_level: ProjectFeature::DISABLED, wiki_access_level: ProjectFeature::ENABLED) }
let(:wiki) { ProjectWiki.new(project) }
let(:path) { "/#{wiki.repository.path_with_namespace}.git" }
before do
project.team << [user, :developer]
end
it 'allows clones' do
download(path, user: user.username, password: user.password) do |response|
expect(response).to have_http_status(200)
end
end
it 'allows pushes' do
upload(path, user: user.username, password: user.password) do |response|
expect(response).to have_http_status(200)
end
end
end
end
context "when the project exists" do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment