Commit
31bc876b
authored
Mar 24, 2016
by
Jacob Vosmaer
Test both GET and POST for git-upload-pack
parent
8f3e86d7
Showing
2 changed files
with
69 additions
and
47 deletions
+69
-47
config/routes.rb
config/routes.rb
+2
-2
spec/requests/git_http_spec.rb
spec/requests/git_http_spec.rb
+67
-45
config/routes.rb
...
@@ -429,8 +429,8 @@ Rails.application.routes.draw do
...
@@ -429,8 +429,8 @@ Rails.application.routes.draw do
# Git HTTP clients ('git clone' etc.)
# Git HTTP clients ('git clone' etc.)
scope
constraints:
{
format:
/(git|wiki\.git)/
}
do
scope
constraints:
{
format:
/(git|wiki\.git)/
}
do
get
'/info/refs'
,
to:
'git_http#info_refs'
,
only: :get
get
'/info/refs'
,
to:
'git_http#info_refs'
,
only: :get
ge
t
'/git-upload-pack'
,
to:
'git_http#git_upload_pack'
,
only: :post
pos
t
'/git-upload-pack'
,
to:
'git_http#git_upload_pack'
,
only: :post
ge
t
'/git-receive-pack'
,
to:
'git_http#git_receive_pack'
,
only: :post
pos
t
'/git-receive-pack'
,
to:
'git_http#git_receive_pack'
,
only: :post
end
end
# Blob routes:
# Blob routes:
...
...
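Review bot: The `only: :get` / `only: :post` options kept on these three routes do not appear to restrict the HTTP verb: the lines being replaced read `get '/git-upload-pack', ..., only: :post` and, judging by this fix, were served as GET. With the verb now set by the `get`/`post` helper, the option is redundant and can mislead the next reader in the same way, so I would drop it, e.g. `post '/git-upload-pack', to: 'git_http#git_upload_pack'`. `/git-receive-pack` is the push endpoint and its verb changes here too, yet the spec change in this commit only exercises upload-pack; a request spec asserting that a GET to either pack endpoint is not routed would pin the fix down. The `scope ... do` block is fully inside the hunk, but the enclosing `routes.draw` block continues outside it.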
spec/requests/git_http_spec.rb
...
@@ -8,26 +8,26 @@ describe 'Git HTTP requests', lib: true do
...
@@ -8,26 +8,26 @@ describe 'Git HTTP requests', lib: true do
context
"when the project doesn't exist"
do
context
"when the project doesn't exist"
do
context
"when no authentication is provided"
do
context
"when no authentication is provided"
do
it
"responds with status 401"
do
it
"responds with status 401"
do
clone_get
'/doesnt/exist.git/info/refs'
download
(
'doesnt/exist.git'
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
401
)
e
xpect
(
response
.
status
).
to
eq
(
401
)
e
nd
end
end
end
end
context
"when username and password are provided"
do
context
"when username and password are provided"
do
context
"when authentication fails"
do
context
"when authentication fails"
do
it
"responds with status 401"
do
it
"responds with status 401"
do
clone_get
'/doesnt/exist.git/info/refs'
,
user:
user
.
username
,
password:
"nope"
download
(
'doesnt/exist.git'
,
user:
user
.
username
,
password:
"nope"
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
401
)
e
xpect
(
response
.
status
).
to
eq
(
401
)
e
nd
end
end
end
end
context
"when authentication succeeds"
do
context
"when authentication succeeds"
do
it
"responds with status 404"
do
it
"responds with status 404"
do
clone_get
'/doesnt/exist.git/info/refs'
,
user:
user
.
username
,
password:
user
.
password
download
(
'/doesnt/exist.git'
,
user:
user
.
username
,
password:
user
.
password
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
404
)
e
xpect
(
response
.
status
).
to
eq
(
404
)
e
nd
end
end
end
end
end
end
...
@@ -38,23 +38,25 @@ describe 'Git HTTP requests', lib: true do
...
@@ -38,23 +38,25 @@ describe 'Git HTTP requests', lib: true do
wiki
=
ProjectWiki
.
new
(
project
)
wiki
=
ProjectWiki
.
new
(
project
)
project
.
update_attribute
(
:visibility_level
,
Project
::
PUBLIC
)
project
.
update_attribute
(
:visibility_level
,
Project
::
PUBLIC
)
clone_get
"/
#{
wiki
.
repository
.
path_with_namespace
}
.git/info/refs"
download
(
"/
#{
wiki
.
repository
.
path_with_namespace
}
.git"
)
do
|
response
|
json_body
=
ActiveSupport
::
JSON
.
decode
(
response
.
body
)
json_body
=
ActiveSupport
::
JSON
.
decode
(
response
.
body
)
expect
(
response
.
status
).
to
eq
(
200
)
expect
(
response
.
status
).
to
eq
(
200
)
expect
(
json_body
[
'RepoPath'
]).
to
include
(
wiki
.
repository
.
path_with_namespace
)
expect
(
json_body
[
'RepoPath'
]).
to
include
(
wiki
.
repository
.
path_with_namespace
)
end
end
end
end
end
context
"when the project exists"
do
context
"when the project exists"
do
let
(
:path
)
{
clone_path
(
project
)
}
let
(
:path
)
{
"
#{
project
.
path_with_namespace
}
.git"
}
let
(
:env
)
{
{}
}
context
"when the project is public"
do
context
"when the project is public"
do
it
"responds with status 200"
do
it
"responds with status 200"
do
project
.
update_attribute
(
:visibility_level
,
Project
::
PUBLIC
)
project
.
update_attribute
(
:visibility_level
,
Project
::
PUBLIC
)
clone_get
path
download
(
path
,
env
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
200
)
e
xpect
(
response
.
status
).
to
eq
(
200
)
e
nd
end
end
end
end
...
@@ -65,33 +67,37 @@ describe 'Git HTTP requests', lib: true do
...
@@ -65,33 +67,37 @@ describe 'Git HTTP requests', lib: true do
context
"when no authentication is provided"
do
context
"when no authentication is provided"
do
it
"responds with status 401"
do
it
"responds with status 401"
do
clone_get
path
download
(
path
,
env
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
401
)
e
xpect
(
response
.
status
).
to
eq
(
401
)
e
nd
end
end
end
end
context
"when username and password are provided"
do
context
"when username and password are provided"
do
let
(
:env
)
{
{
user:
user
.
username
,
password:
'nope'
}
}
context
"when authentication fails"
do
context
"when authentication fails"
do
it
"responds with status 401"
do
it
"responds with status 401"
do
clone_get
path
,
user:
user
.
username
,
password:
'nope'
download
(
path
,
env
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
401
)
e
xpect
(
response
.
status
).
to
eq
(
401
)
e
nd
end
end
context
"when the user is IP banned"
do
context
"when the user is IP banned"
do
it
"responds with status 401"
do
it
"responds with status 401"
do
expect
(
Rack
::
Attack
::
Allow2Ban
).
to
receive
(
:filter
).
and_return
(
true
)
expect
(
Rack
::
Attack
::
Allow2Ban
).
to
receive
(
:filter
).
and_return
(
true
)
allow_any_instance_of
(
Rack
::
Request
).
to
receive
(
:ip
).
and_return
(
'1.2.3.4'
)
allow_any_instance_of
(
Rack
::
Request
).
to
receive
(
:ip
).
and_return
(
'1.2.3.4'
)
clone_get
path
,
user:
user
.
username
,
password:
'nope'
clone_get
(
path
,
env
)
expect
(
response
.
status
).
to
eq
(
401
)
expect
(
response
.
status
).
to
eq
(
401
)
end
end
end
end
end
end
context
"when authentication succeeds"
do
context
"when authentication succeeds"
do
let
(
:env
)
{
{
user:
user
.
username
,
password:
user
.
password
}
}
context
"when the user has access to the project"
do
context
"when the user has access to the project"
do
before
do
before
do
project
.
team
<<
[
user
,
:master
]
project
.
team
<<
[
user
,
:master
]
...
@@ -102,18 +108,18 @@ describe 'Git HTTP requests', lib: true do
...
@@ -102,18 +108,18 @@ describe 'Git HTTP requests', lib: true do
user
.
block
user
.
block
project
.
team
<<
[
user
,
:master
]
project
.
team
<<
[
user
,
:master
]
clone_get
path
,
user:
user
.
username
,
password:
user
.
password
download
(
path
,
env
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
404
)
e
xpect
(
response
.
status
).
to
eq
(
404
)
e
nd
end
end
end
end
context
"when the user isn't blocked"
do
context
"when the user isn't blocked"
do
it
"responds with status 200"
do
it
"responds with status 200"
do
expect
(
Rack
::
Attack
::
Allow2Ban
).
to
receive
(
:reset
)
expect
(
Rack
::
Attack
::
Allow2Ban
).
to
receive
(
:reset
)
clone_get
path
,
user:
user
.
username
,
password:
user
.
password
clone_get
(
path
,
env
)
expect
(
response
.
status
).
to
eq
(
200
)
expect
(
response
.
status
).
to
eq
(
200
)
end
end
end
end
...
@@ -151,9 +157,9 @@ describe 'Git HTTP requests', lib: true do
...
@@ -151,9 +157,9 @@ describe 'Git HTTP requests', lib: true do
context
"when the user doesn't have access to the project"
do
context
"when the user doesn't have access to the project"
do
it
"responds with status 404"
do
it
"responds with status 404"
do
clone_get
path
,
user:
user
.
username
,
password:
user
.
password
download
(
path
,
user:
user
.
username
,
password:
user
.
password
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
404
)
e
xpect
(
response
.
status
).
to
eq
(
404
)
e
nd
end
end
end
end
end
end
...
@@ -165,7 +171,7 @@ describe 'Git HTTP requests', lib: true do
...
@@ -165,7 +171,7 @@ describe 'Git HTTP requests', lib: true do
project
=
FactoryGirl
.
create
:empty_project
project
=
FactoryGirl
.
create
:empty_project
project
.
update_attributes
(
runners_token:
token
,
builds_enabled:
true
)
project
.
update_attributes
(
runners_token:
token
,
builds_enabled:
true
)
clone_get
clone_path
(
project
)
,
user:
'gitlab-ci-token'
,
password:
token
clone_get
"
#{
project
.
path_with_namespace
}
.git"
,
user:
'gitlab-ci-token'
,
password:
token
expect
(
response
.
status
).
to
eq
(
200
)
expect
(
response
.
status
).
to
eq
(
200
)
end
end
...
@@ -174,17 +180,33 @@ describe 'Git HTTP requests', lib: true do
...
@@ -174,17 +180,33 @@ describe 'Git HTTP requests', lib: true do
end
end
end
end
def
clone_get
(
url
,
user:
nil
,
password:
nil
)
def
clone_get
(
project
,
options
=
{})
if
user
&&
password
get
"/
#{
project
}
/info/refs"
,
{
service:
'git-upload-pack'
},
auth_env
(
*
options
.
values_at
(
:user
,
:password
))
env
=
{
'HTTP_AUTHORIZATION'
=>
ActionController
::
HttpAuthentication
::
Basic
.
encode_credentials
(
user
,
password
)
}
end
else
env
=
{}
def
clone_post
(
project
,
options
=
{})
end
post
"/
#{
project
}
/git-upload-pack"
,
{},
auth_env
(
*
options
.
values_at
(
:user
,
:password
))
get
url
,
{
'service'
=>
'git-upload-pack'
},
env
end
end
def
clone_path
(
project
)
def
clone_path
(
project
)
"/
#{
project
.
path_with_namespace
}
.git/info/refs"
"/
#{
project
.
path_with_namespace
}
.git/info/refs"
end
end
def
download
(
project
,
user:
nil
,
password:
nil
)
args
=
[
project
,
{
user:
user
,
password:
password
}]
clone_get
*
args
yield
response
clone_post
*
args
yield
response
end
def
auth_env
(
user
,
password
)
if
user
&&
password
{
'HTTP_AUTHORIZATION'
=>
ActionController
::
HttpAuthentication
::
Basic
.
encode_credentials
(
user
,
password
)
}
else
{}
end
end
end
end
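Review bot: The two Rack::Attack examples ("when the user is IP banned" and "when the user isn't blocked") still call `clone_get(path, env)` only, so the Allow2Ban filter/reset behaviour is never exercised on `POST /git-upload-pack`, the request that actually returns pack data. If the controller applies the same check to both requests, these could use `download(path, env)` with `expect(Rack::Attack::Allow2Ban).to receive(:filter).twice.and_return(true)` (and `receive(:reset).twice`); the call count is an assumption to confirm against the controller, which is not shown on this page. Separately, two call sites pass a leading slash (`download('/doesnt/exist.git', ...)` and the wiki path) although `clone_get`/`clone_post` already prepend `/`, so those requests go to `//...`. The 404 expected in the "authentication succeeds" case may then come from routing rather than from the project lookup; dropping the leading slash, as the other call sites do, removes that ambiguity.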