Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
40372d5c
Commit
40372d5c
authored
Dec 02, 2016
by
Valery Sizov
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 'ce_upstream' of gitlab.com:gitlab-org/gitlab-ee into ce_upstream
parents
25e41c67
6b69a163
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
36 additions
and
64 deletions
+36
-64
app/controllers/concerns/lfs_request.rb
app/controllers/concerns/lfs_request.rb
+35
-56
app/controllers/projects/git_http_controller.rb
app/controllers/projects/git_http_controller.rb
+1
-8
No files found.
app/controllers/concerns/lfs_request.rb
View file @
40372d5c
...
@@ -33,59 +33,15 @@ module LfsRequest
...
@@ -33,59 +33,15 @@ module LfsRequest
return
if
download_request?
&&
lfs_download_access?
return
if
download_request?
&&
lfs_download_access?
return
if
upload_request?
&&
lfs_upload_access?
return
if
upload_request?
&&
lfs_upload_access?
<<<<<<<
HEAD
:app
/
helpers
/
lfs_helper
.
rb
if
project
.
public?
||
(
user
&&
user
.
can?
(
:read_project
,
project
))
if
project
.
above_size_limit?
||
objects_exceed_repo_limit?
render_size_error
else
render_lfs_forbidden
end
=======
if
project
.
public?
||
can?
(
user
,
:read_project
,
project
)
if
project
.
public?
||
can?
(
user
,
:read_project
,
project
)
lfs_forbidden!
lfs_forbidden!
>>>>>>>
14046
b9c734e5e6506d63276f39f3f9d770c3699
:app
/
controllers
/
concerns
/
lfs_request
.
rb
else
else
render_lfs_not_found
render_lfs_not_found
end
end
end
end
<<<<<<<
HEAD
:app
/
helpers
/
lfs_helper
.
rb
def
lfs_download_access?
return
false
unless
project
.
lfs_enabled?
ci?
||
lfs_deploy_token?
||
user_can_download_code?
||
build_can_download_code?
end
def
objects
@objects
||=
(
params
[
:objects
]
||
[]).
to_a
end
def
user_can_download_code?
has_authentication_ability?
(
:download_code
)
&&
can?
(
user
,
:download_code
,
project
)
end
def
build_can_download_code?
has_authentication_ability?
(
:build_download_code
)
&&
can?
(
user
,
:build_download_code
,
project
)
end
def
lfs_upload_access?
return
false
unless
project
.
lfs_enabled?
return
false
if
project
.
above_size_limit?
||
objects_exceed_repo_limit?
has_authentication_ability?
(
:push_code
)
&&
can?
(
user
,
:push_code
,
project
)
=======
def
lfs_forbidden!
def
lfs_forbidden!
render_lfs_forbidden
render_lfs_forbidden
>>>>>>>
14046
b9c734e5e6506d63276f39f3f9d770c3699
:app
/
controllers
/
concerns
/
lfs_request
.
rb
end
def
objects_exceed_repo_limit?
return
false
unless
project
.
size_limit_enabled?
return
@limit_exceeded
if
defined?
(
@limit_exceeded
)
size_of_objects
=
objects
.
sum
{
|
o
|
o
[
:size
]
}
@limit_exceeded
=
(
project
.
repository_and_lfs_size
+
size_of_objects
.
to_mb
)
>
project
.
actual_size_limit
end
end
def
render_lfs_forbidden
def
render_lfs_forbidden
...
@@ -110,17 +66,6 @@ module LfsRequest
...
@@ -110,17 +66,6 @@ module LfsRequest
)
)
end
end
<<<<<<<
HEAD
:app
/
helpers
/
lfs_helper
.
rb
def
render_size_error
render
(
json:
{
message:
Gitlab
::
RepositorySizeError
.
new
(
project
).
push_error
,
documentation_url:
help_url
,
},
content_type:
"application/vnd.git-lfs+json"
,
status:
406
)
=======
def
lfs_download_access?
def
lfs_download_access?
return
false
unless
project
.
lfs_enabled?
return
false
unless
project
.
lfs_enabled?
...
@@ -129,6 +74,7 @@ module LfsRequest
...
@@ -129,6 +74,7 @@ module LfsRequest
def
lfs_upload_access?
def
lfs_upload_access?
return
false
unless
project
.
lfs_enabled?
return
false
unless
project
.
lfs_enabled?
return
false
if
project
.
above_size_limit?
||
objects_exceed_repo_limit?
has_authentication_ability?
(
:push_code
)
&&
can?
(
user
,
:push_code
,
project
)
has_authentication_ability?
(
:push_code
)
&&
can?
(
user
,
:push_code
,
project
)
end
end
...
@@ -143,7 +89,6 @@ module LfsRequest
...
@@ -143,7 +89,6 @@ module LfsRequest
def
build_can_download_code?
def
build_can_download_code?
has_authentication_ability?
(
:build_download_code
)
&&
can?
(
user
,
:build_download_code
,
project
)
has_authentication_ability?
(
:build_download_code
)
&&
can?
(
user
,
:build_download_code
,
project
)
>>>>>>>
14046
b9c734e5e6506d63276f39f3f9d770c3699
:app
/
controllers
/
concerns
/
lfs_request
.
rb
end
end
def
storage_project
def
storage_project
...
@@ -162,4 +107,38 @@ module LfsRequest
...
@@ -162,4 +107,38 @@ module LfsRequest
def
objects
def
objects
@objects
||=
(
params
[
:objects
]
||
[]).
to_a
@objects
||=
(
params
[
:objects
]
||
[]).
to_a
end
end
module
EE
def
lfs_forbidden!
raise
NotImplementedError
unless
defined?
(
super
)
if
project
.
above_size_limit?
||
objects_exceed_repo_limit?
render_size_error
else
super
end
end
def
render_size_error
render
(
json:
{
message:
Gitlab
::
RepositorySizeError
.
new
(
project
).
push_error
,
documentation_url:
help_url
,
},
content_type:
"application/vnd.git-lfs+json"
,
status:
406
)
end
def
objects_exceed_repo_limit?
return
false
unless
project
.
size_limit_enabled?
return
@limit_exceeded
if
defined?
(
@limit_exceeded
)
size_of_objects
=
objects
.
sum
{
|
o
|
o
[
:size
]
}
@limit_exceeded
=
(
project
.
repository_and_lfs_size
+
size_of_objects
.
to_mb
)
>
project
.
actual_size_limit
end
end
prepend
EE
end
end
app/controllers/projects/git_http_controller.rb
View file @
40372d5c
...
@@ -67,15 +67,8 @@ class Projects::GitHttpController < Projects::GitHttpClientController
...
@@ -67,15 +67,8 @@ class Projects::GitHttpController < Projects::GitHttpClientController
end
end
def
render_denied
def
render_denied
<<<<<<<
HEAD
if
user
&&
user
.
can?
(
:read_project
,
project
)
message
=
project
.
above_size_limit?
?
access_check
.
message
:
'Access denied'
render
plain:
message
,
status: :forbidden
=======
if
user
&&
can?
(
user
,
:read_project
,
project
)
if
user
&&
can?
(
user
,
:read_project
,
project
)
render
plain:
access_denied_message
,
status: :forbidden
render
plain:
access_denied_message
,
status: :forbidden
>>>>>>>
14046
b9c734e5e6506d63276f39f3f9d770c3699
else
else
# Do not leak information about project existence
# Do not leak information about project existence
render_not_found
render_not_found
...
@@ -83,7 +76,7 @@ class Projects::GitHttpController < Projects::GitHttpClientController
...
@@ -83,7 +76,7 @@ class Projects::GitHttpController < Projects::GitHttpClientController
end
end
def
access_denied_message
def
access_denied_message
'Access denied'
project
.
above_size_limit?
?
access_check
.
message
:
'Access denied'
end
end
def
upload_pack_allowed?
def
upload_pack_allowed?
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment