Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
7b59e2e2
Commit
7b59e2e2
authored
Mar 19, 2014
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Use GitAccess in internal api
Signed-off-by:
Dmitriy Zaporozhets
<
dmitriy.zaporozhets@gmail.com
>
parent
b4bef5e6
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
19 additions
and
41 deletions
+19
-41
lib/api/internal.rb
lib/api/internal.rb
+19
-41
No files found.
lib/api/internal.rb
View file @
7b59e2e2
module
API
module
API
# Internal access API
# Internal access API
class
Internal
<
Grape
::
API
class
Internal
<
Grape
::
API
DOWNLOAD_COMMANDS
=
%w{ git-upload-pack git-upload-archive }
PUSH_COMMANDS
=
%w{ git-receive-pack }
namespace
'internal'
do
namespace
'internal'
do
#
# Check if git command is allowed to project
# Check if ssh key has access to project code
#
#
# Params:
# Params:
# key_id - SSH Key id
# key_id - ssh key id for Git over SSH
# user_id - user id for Git over HTTP
# project - project path with namespace
# project - project path with namespace
# action - git action (git-upload-pack or git-receive-pack)
# action - git action (git-upload-pack or git-receive-pack)
# ref - branch name
# ref - branch name
...
@@ -22,43 +18,25 @@ module API
...
@@ -22,43 +18,25 @@ module API
# the wiki repository as well.
# the wiki repository as well.
project_path
=
params
[
:project
]
project_path
=
params
[
:project
]
project_path
.
gsub!
(
/\.wiki/
,
''
)
if
project_path
=~
/\.wiki/
project_path
.
gsub!
(
/\.wiki/
,
''
)
if
project_path
=~
/\.wiki/
key
=
Key
.
find
(
params
[
:key_id
])
project
=
Project
.
find_with_namespace
(
project_path
)
project
=
Project
.
find_with_namespace
(
project_path
)
git_cmd
=
params
[
:action
]
return
false
unless
project
return
false
unless
project
actor
=
if
params
[
:key_id
]
if
key
.
is_a?
DeployKey
Key
.
find
(
params
[
:key_id
])
key
.
projects
.
include?
(
project
)
&&
DOWNLOAD_COMMANDS
.
include?
(
git_cmd
)
elsif
params
[
:user_id
]
else
User
.
find
(
params
[
:user_id
])
user
=
key
.
user
end
return
false
if
user
.
blocked?
return
false
unless
actor
if
Gitlab
.
config
.
ldap
.
enabled
Gitlab
::
GitAccess
.
new
.
allowed?
(
if
user
.
ldap_user?
actor
,
# Check if LDAP user exists and match LDAP user_filter
params
[
:action
],
unless
Gitlab
::
LDAP
::
Access
.
new
.
allowed?
(
user
)
project
,
return
false
params
[
:ref
],
end
params
[
:oldrev
],
end
params
[
:newrev
]
end
)
action
=
case
git_cmd
when
*
DOWNLOAD_COMMANDS
then
:download_code
when
*
PUSH_COMMANDS
then
if
project
.
protected_branch?
(
params
[
:ref
])
:push_code_to_protected_branches
else
:push_code
end
end
user
.
can?
(
action
,
project
)
end
end
end
#
#
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment