nexedi / gitlab-ce
Commit 80b8921a
authored Jan 14, 2013 by Jeremy Slater

Public HTTP clones and remove auth request for public projects

parent eff6d3c1

Showing 1 changed file with 48 additions and 20 deletions

lib/gitlab/backend/grack_auth.rb (+48 -20)
...
@@ -2,30 +2,42 @@ module Grack
...
@@ -2,30 +2,42 @@ module Grack
class
Auth
<
Rack
::
Auth
::
Basic
class
Auth
<
Rack
::
Auth
::
Basic
attr_accessor
:user
,
:project
attr_accessor
:user
,
:project
def
valid?
def
call
(
env
)
# Find project by PATH_INFO from env
@env
=
env
if
m
=
/^\/([\w\.\/-]+)\.git/
.
match
(
@request
.
path_info
).
to_a
@request
=
Rack
::
Request
.
new
(
env
)
self
.
project
=
Project
.
find_with_namespace
(
m
.
last
)
@auth
=
Request
.
new
(
env
)
return
false
unless
project
end
if
@request
.
get?
&&
project
.
public
# Pass Gitolite update hook
return
true
ENV
[
'GL_BYPASS_UPDATE_HOOK'
]
=
"true"
end
# Authentication with username and password
# Need this patch due to the rails mount
login
,
password
=
@auth
.
credentials
@env
[
'PATH_INFO'
]
=
@request
.
path
@env
[
'SCRIPT_NAME'
]
=
""
self
.
user
=
User
.
find_by_email
(
login
)
||
User
.
find_by_username
(
login
)
return
render_not_found
unless
project
return
unauthorized
unless
project
.
public
||
@auth
.
provided?
return
bad_request
if
@auth
.
provided?
&&
!
@auth
.
basic?
return
false
unless
user
.
try
(
:valid_password?
,
password
)
if
valid?
if
@auth
.
provided?
@env
[
'REMOTE_USER'
]
=
@auth
.
username
end
return
@app
.
call
(
env
)
else
unauthorized
end
end
email
=
user
.
email
def
valid?
if
@auth
.
provided?
# Authentication with username and password
login
,
password
=
@auth
.
credentials
self
.
user
=
User
.
find_by_email
(
login
)
||
User
.
find_by_username
(
login
)
return
false
unless
user
.
try
(
:valid_password?
,
password
)
# Set GL_USER env variable
# Set GL_USER env variable
ENV
[
'GL_USER'
]
=
email
ENV
[
'GL_USER'
]
=
user
.
email
# Pass Gitolite update hook
end
ENV
[
'GL_BYPASS_UPDATE_HOOK'
]
=
"true"
# Git upload and receive
# Git upload and receive
if
@request
.
get?
if
@request
.
get?
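Review bot: In the new valid?, ENV['GL_USER'] is assigned only inside the if @auth.provided? branch, and ENV is process-wide, so an anonymous request to a public project runs with whatever GL_USER the last authenticated request in this process left behind. Clear it when no credentials are sent (for example ENV.delete('GL_USER') in an else branch) so hooks never see a stale identity. Separately, call returns render_not_found before the unauthorized check, so an unauthenticated client gets 404 for a missing path and 401 for an existing private project, which reveals which private project paths exist; checking credentials first, or answering 401 in both cases, avoids that.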
...
@@ -38,12 +50,12 @@ module Grack
...
@@ -38,12 +50,12 @@ module Grack
end
end
def
validate_get_request
def
validate_get_request
can?
(
user
,
:download_code
,
project
)
project
.
public
||
can?
(
user
,
:download_code
,
project
)
end
end
def
validate_post_request
def
validate_post_request
if
@request
.
path_info
.
end_with?
(
'git-upload-pack'
)
if
@request
.
path_info
.
end_with?
(
'git-upload-pack'
)
can?
(
user
,
:download_code
,
project
)
project
.
public
||
can?
(
user
,
:download_code
,
project
)
elsif
@request
.
path_info
.
end_with?
(
'git-receive-pack'
)
elsif
@request
.
path_info
.
end_with?
(
'git-receive-pack'
)
action
=
if
project
.
protected_branch?
(
current_ref
)
action
=
if
project
.
protected_branch?
(
current_ref
)
:push_code_to_protected_branches
:push_code_to_protected_branches
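Review bot: The git-receive-pack branch of validate_post_request is unchanged, but with this commit it can be reached with user set to nil, because valid? skips the credential check when no Authorization header is sent and call lets such requests through for public projects. The lines shown end before the permission check for the push action, so it is not visible here that a nil user is denied; an explicit return false unless user at the top of that branch, plus a spec for an anonymous push to a public project, would make the read-only intent of project.public unambiguous.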
...
@@ -72,6 +84,22 @@ module Grack
...
@@ -72,6 +84,22 @@ module Grack
/refs\/heads\/([\w\.-]+)/
.
match
(
input
).
to_a
.
first
/refs\/heads\/([\w\.-]+)/
.
match
(
input
).
to_a
.
first
end
end
def
project
unless
instance_variable_defined?
:@project
# Find project by PATH_INFO from env
if
m
=
/^\/([\w\.\/-]+)\.git/
.
match
(
@request
.
path_info
).
to_a
@project
=
Project
.
find_with_namespace
(
m
.
last
)
end
end
return
@project
end
PLAIN_TYPE
=
{
"Content-Type"
=>
"text/plain"
}
def
render_not_found
[
404
,
PLAIN_TYPE
,
[
"Not Found"
]]
end
protected
protected
def
abilities
def
abilities
...
...
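Review bot: The new project method memoizes into @project on the Auth object (guarded by instance_variable_defined? :@project), and call likewise stores @env, @request and @auth on it. If the same middleware instance serves more than one request, the first request's project is returned for every later path, so authorization would be evaluated against the wrong project; the lines shown do not establish that a fresh instance is built per request. Resetting @project at the start of call, or resolving the project into a local variable there, removes that dependency. The regex and Project.find_with_namespace lookup moved here unchanged, so a comment stating that nil is cached deliberately for unknown paths would also help.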