Commit 66998f6d authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Allow non authenticated user access to public projects

parent e894e3ee
...@@ -382,3 +382,8 @@ table { ...@@ -382,3 +382,8 @@ table {
width: 50px; width: 50px;
min-height: 100px; min-height: 100px;
} }
.navbar-gitlab .navbar-inner .nav > li .btn-sign-in {
@extend .btn-new;
padding: 5px 15px;
}
class Projects::ApplicationController < ApplicationController class Projects::ApplicationController < ApplicationController
before_filter :project before_filter :project
before_filter :repository before_filter :repository
layout 'projects' layout :determine_layout
def authenticate_user!
# Restrict access to Projects area only
# for non-signed users
if !current_user
id = params[:project_id] || params[:id]
@project = Project.find_with_namespace(id)
return if @project && @project.public
end
super
end
def determine_layout
if current_user
'projects'
else
'public'
end
end
end end
class ProjectsController < Projects::ApplicationController class ProjectsController < Projects::ApplicationController
skip_before_filter :authenticate_user!, only: [:show]
skip_before_filter :project, only: [:new, :create] skip_before_filter :project, only: [:new, :create]
skip_before_filter :repository, only: [:new, :create] skip_before_filter :repository, only: [:new, :create]
...@@ -54,6 +55,8 @@ class ProjectsController < Projects::ApplicationController ...@@ -54,6 +55,8 @@ class ProjectsController < Projects::ApplicationController
end end
def show def show
return authenticate_user! unless @project.public
limit = (params[:limit] || 20).to_i limit = (params[:limit] || 20).to_i
@events = @project.events.recent @events = @project.events.recent
...@@ -69,8 +72,10 @@ class ProjectsController < Projects::ApplicationController ...@@ -69,8 +72,10 @@ class ProjectsController < Projects::ApplicationController
if @project.empty_repo? if @project.empty_repo?
render "projects/empty" render "projects/empty"
else else
if current_user
@last_push = current_user.recent_push(@project.id) @last_push = current_user.recent_push(@project.id)
render :show end
render :show, layout: current_user ? "project" : "public"
end end
end end
format.js format.js
......
...@@ -90,6 +90,8 @@ module ApplicationHelper ...@@ -90,6 +90,8 @@ module ApplicationHelper
end end
def search_autocomplete_source def search_autocomplete_source
return unless current_user
projects = current_user.authorized_projects.map { |p| { label: "project: #{simple_sanitize(p.name_with_namespace)}", url: project_path(p) } } projects = current_user.authorized_projects.map { |p| { label: "project: #{simple_sanitize(p.name_with_namespace)}", url: project_path(p) } }
groups = current_user.authorized_groups.map { |group| { label: "group: #{simple_sanitize(group.name)}", url: group_path(group) } } groups = current_user.authorized_groups.map { |group| { label: "group: #{simple_sanitize(group.name)}", url: group_path(group) } }
......
class Ability class Ability
class << self class << self
def allowed(user, subject) def allowed(user, subject)
return not_auth_abilities(user, subject) if user.nil?
return [] unless user.kind_of?(User) return [] unless user.kind_of?(User)
return [] if user.blocked? return [] if user.blocked?
...@@ -17,6 +18,24 @@ class Ability ...@@ -17,6 +18,24 @@ class Ability
end.concat(global_abilities(user)) end.concat(global_abilities(user))
end end
# List of possible abilities
# for non-authenticated user
def not_auth_abilities(user, subject)
project = if subject.kind_of?(Project)
subject
elsif subject.respond_to?(:project)
subject.project
else
nil
end
if project && project.public
public_project_rules
else
[]
end
end
def global_abilities(user) def global_abilities(user)
rules = [] rules = []
rules << :create_group if user.can_create_group rules << :create_group if user.can_create_group
...@@ -58,19 +77,9 @@ class Ability ...@@ -58,19 +77,9 @@ class Ability
end end
def public_project_rules def public_project_rules
[ project_guest_rules + [
:download_code, :download_code,
:fork_project, :fork_project,
:read_project,
:read_wiki,
:read_issue,
:read_milestone,
:read_project_snippet,
:read_team_member,
:read_merge_request,
:read_note,
:write_issue,
:write_note
] ]
end end
......
!!! 5 !!! 5
%html{ lang: "en"} %html{ lang: "en"}
= render "layouts/head", title: "Public Projects" = render "layouts/head", title: "Public Projects"
%body{class: "#{app_theme} application", :'data-page' => body_data_page} %body{class: "ui_mars application", :'data-page' => body_data_page}
- if current_user - if current_user
= render "layouts/head_panel", title: "Public Projects" = render "layouts/head_panel", title: "Public Projects"
- else - else
...@@ -13,7 +13,12 @@ ...@@ -13,7 +13,12 @@
= link_to public_root_path, class: "home" do = link_to public_root_path, class: "home" do
%h1 GITLAB %h1 GITLAB
%span.separator %span.separator
%h1.project_name Public Projects %h1.project_name
- if @project
= project_title(@project)
- else
Public Projects
%ul.nav %ul.nav
%li %li
%a %a
...@@ -21,8 +26,14 @@ ...@@ -21,8 +26,14 @@
%i.icon-refresh.icon-spin %i.icon-refresh.icon-spin
Loading... Loading...
%li %li
= link_to "Sign in", new_session_path(:user) = link_to "Sign in", new_session_path(:user), class: 'btn btn-sign-in'
- if @project
%nav.main-nav
.container= render 'layouts/nav/project'
.container
.content= yield
- else
.container.navless-container .container.navless-container
.content .content= yield
= yield
...@@ -5,7 +5,7 @@ ...@@ -5,7 +5,7 @@
.span3.pull-right .span3.pull-right
.pull-right .pull-right
- unless @project.empty_repo? - unless @project.empty_repo?
- if can?(current_user, :fork_project, @project) && @project.namespace != current_user.namespace - if current_user && can?(current_user, :fork_project, @project) && @project.namespace != current_user.namespace
- if current_user.already_forked?(@project) - if current_user.already_forked?(@project)
= link_to project_path(current_user.fork_of(@project)), class: 'btn grouped disabled' do = link_to project_path(current_user.fork_of(@project)), class: 'btn grouped disabled' do
%i.icon-code-fork %i.icon-code-fork
......
...@@ -21,7 +21,7 @@ ...@@ -21,7 +21,7 @@
Stats Stats
- if current_controller?(:commits) && current_user.private_token - if current_user && current_controller?(:commits) && current_user.private_token
%li.pull-right %li.pull-right
= link_to project_commits_path(@project, @ref, {format: :atom, private_token: current_user.private_token}), title: "Feed" do = link_to project_commits_path(@project, @ref, {format: :atom, private_token: current_user.private_token}), title: "Feed" do
%i.icon-rss %i.icon-rss
...@@ -5,6 +5,7 @@ ...@@ -5,6 +5,7 @@
= link_to 'Milestones', project_milestones_path(@project), class: "tab" = link_to 'Milestones', project_milestones_path(@project), class: "tab"
= nav_link(controller: :labels) do = nav_link(controller: :labels) do
= link_to 'Labels', project_labels_path(@project), class: "tab" = link_to 'Labels', project_labels_path(@project), class: "tab"
- if current_user
%li.pull-right %li.pull-right
= link_to project_issues_path(@project, :atom, { private_token: current_user.private_token }) do = link_to project_issues_path(@project, :atom, { private_token: current_user.private_token }) do
%i.icon-rss %i.icon-rss
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment