Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
60bad970
Commit
60bad970
authored
Dec 15, 2020
by
Aakriti Gupta
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Allow user sign-in in maintenance mode
parent
a741fa4a
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
21 additions
and
1 deletion
+21
-1
ee/lib/ee/gitlab/middleware/read_only/controller.rb
ee/lib/ee/gitlab/middleware/read_only/controller.rb
+11
-1
ee/spec/support/shared_examples/lib/gitlab/middleware/maintenance_mode_gitlab_ee_instance_shared_examples.rb
...re/maintenance_mode_gitlab_ee_instance_shared_examples.rb
+7
-0
spec/support/shared_examples/lib/gitlab/middleware/read_only_gitlab_instance_shared_examples.rb
...b/middleware/read_only_gitlab_instance_shared_examples.rb
+3
-0
No files found.
ee/lib/ee/gitlab/middleware/read_only/controller.rb
View file @
60bad970
...
...
@@ -24,6 +24,10 @@ module EE
'repositories/lfs_locks_api'
=>
%w{verify create unlock}
}.
freeze
ALLOWLISTED_SIGN_IN_ROUTES
=
{
'sessions'
=>
%w{create}
}.
freeze
private
# In addition to routes allowed in FOSS, allow geo node update route
...
...
@@ -36,7 +40,7 @@ module EE
allowed
=
super
||
geo_node_update_route?
||
geo_api_route?
||
admin_settings_update?
return
true
if
allowed
return
false
if
::
Gitlab
.
maintenance_mode?
return
sign_in_route?
if
::
Gitlab
.
maintenance_mode?
return
false
unless
::
Gitlab
::
Geo
.
secondary?
git_write_routes
...
...
@@ -82,6 +86,12 @@ module EE
end
end
def
sign_in_route?
return
unless
request
.
post?
&&
request
.
path
.
start_with?
(
'/users/sign_in'
)
ALLOWLISTED_SIGN_IN_ROUTES
[
route_hash
[
:controller
]]
&
.
include?
(
route_hash
[
:action
])
end
def
lfs_locks_route?
# Calling route_hash may be expensive. Only do it if we think there's a possible match
unless
request
.
path
.
end_with?
(
'/info/lfs/locks'
,
'/info/lfs/locks/verify'
)
||
...
...
ee/spec/support/shared_examples/lib/gitlab/middleware/maintenance_mode_gitlab_ee_instance_shared_examples.rb
View file @
60bad970
...
...
@@ -77,6 +77,13 @@ RSpec.shared_examples 'write access for a read-only GitLab (EE) instance in main
expect
(
subject
).
to
disallow_request
end
end
it
"expects a POST to /users/sign_in URL to be allowed"
do
response
=
request
.
post
(
'/users/sign_in'
)
expect
(
response
).
not_to
be_redirect
expect
(
subject
).
not_to
disallow_request
end
end
end
end
spec/support/shared_examples/lib/gitlab/middleware/read_only_gitlab_instance_shared_examples.rb
View file @
60bad970
...
...
@@ -125,6 +125,9 @@ RSpec.shared_examples 'write access for a read-only GitLab instance' do
where
(
:description
,
:path
)
do
'LFS request to batch'
|
'/root/rouge.git/info/lfs/objects/batch'
'request to git-upload-pack'
|
'/root/rouge.git/git-upload-pack'
'user sign out'
|
'/users/sign_out'
'admin session'
|
'/admin/session'
'admin session destroy'
|
'/admin/session/destroy'
end
with_them
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment