Resolve conflicts in lib/gitlab/checks/change_access.rb and lib/gitlab/git_access.rb

918210a8 · Nick Thomas · d3601a49 · 918210a8 · 918210a8
Commit 918210a8 authored Jun 07, 2017 by Nick Thomas
Hide whitespace changes
Inline Side-by-side

Showing with 14 additions and 36 deletions

lib/gitlab/checks/change_access.rb lib/gitlab/checks/change_access.rb +6 -14

lib/gitlab/git_access.rb lib/gitlab/git_access.rb +8 -22

No files found.
--- a/lib/gitlab/checks/change_access.rb
+++ b/lib/gitlab/checks/change_access.rb
 module Gitlab
  module Checks
    class ChangeAccess
-<<<<<<< HEAD
      include PathLocksHelper

-      # protocol is currently used only in EE
-=======
      ERROR_MESSAGES = {
        push_code: 'You are not allowed to push code to this project.',
        delete_default_branch: 'The default branch of a project cannot be deleted.',
@@ -20,7 +17,7 @@ module Gitlab
        create_protected_tag: 'You are not allowed to create this tag as it is protected.'
      }.freeze

->>>>>>> ce/master
+      # protocol is currently used only in EE
      attr_reader :user_access, :project, :skip_authorization, :protocol

      def initialize(
@@ -39,13 +36,10 @@ module Gitlab
      def exec
        return true if skip_authorization

-<<<<<<< HEAD
-        error = push_checks || branch_checks || tag_checks || push_rule_check
-=======
        push_checks
        branch_checks
        tag_checks
->>>>>>> ce/master
+        push_rule_check

        true
      end
@@ -155,7 +149,7 @@ module Gitlab
        # Prevent tag removal
        if @tag_name
          if tag_deletion_denied_by_push_rule?(push_rule)
-            return 'You cannot delete a tag'
+            raise GitAccess::UnauthorizedError, 'You cannot delete a tag'
          end
        else
          commit_validation = push_rule.try(:commit_validation?)
@@ -166,16 +160,14 @@ module Gitlab
          commits.each do |commit|
            if commit_validation
              error = check_commit(commit, push_rule)
-              return error if error
+              raise GitAccess::UnauthorizedError, error if error
            end

            if error = check_commit_diff(commit, push_rule)
-              return error
+              raise GitAccess::UnauthorizedError, error
            end
          end
        end
-
-        nil
      end

      def tag_deletion_denied_by_push_rule?(push_rule)
@@ -186,7 +178,7 @@ module Gitlab
      end

      # If commit does not pass push rule validation the whole push should be rejected.
-      # This method should return nil if no error found or status object if there are some errors.
+      # This method should return nil if no error found or a string if error.
      # In case of errors - all other checks will be canceled and push will be rejected.
      def check_commit(commit, push_rule)
        unless push_rule.commit_message_allowed?(commit.safe_message)

--- a/lib/gitlab/git_access.rb
+++ b/lib/gitlab/git_access.rb
@@ -17,7 +17,8 @@ module Gitlab
      account_blocked: 'Your account has been blocked.',
      command_not_allowed: "The command you're trying to execute is not allowed.",
      upload_pack_disabled_over_http: 'Pulling over HTTP is not allowed.',
-      receive_pack_disabled_over_http: 'Pushing over HTTP is not allowed.'
+      receive_pack_disabled_over_http: 'Pushing over HTTP is not allowed.',
+      cannot_push_to_secondary_geo: "You can't push code to a secondary GitLab Geo node."
    }.freeze

    DOWNLOAD_COMMANDS = %w{ git-upload-pack git-upload-archive }.freeze
@@ -148,7 +149,7 @@ module Gitlab
      end

      if Gitlab::Geo.secondary?
-        raise UnauthorizedError, "You can't push code on a secondary GitLab Geo node."
+        raise UnauthorizedError, ERROR_MESSAGES[:cannot_push_to_secondary_geo]
      end

      if deploy_key
@@ -192,13 +193,9 @@ module Gitlab

      # Iterate over all changes to find if user allowed all of them to be applied
      changes_list.each do |change|
-<<<<<<< HEAD
-        status = check_single_change_access(change)
-
-        unless status.allowed?
-          # If user does not have access to make at least one change - cancel all push
-          raise UnauthorizedError, status.message
-        end
+        # If user does not have access to make at least one change, cancel all
+        # push by allowing the exception to bubble up
+        check_single_change_access(change)

        if project.size_limit_enabled?
          push_size_in_bytes += EE::Gitlab::Deltas.delta_size_check(change, project.repository)
@@ -207,11 +204,6 @@ module Gitlab

      if project.changes_will_exceed_size_limit?(push_size_in_bytes)
        raise UnauthorizedError, Gitlab::RepositorySizeError.new(project).new_changes_error
-=======
-        # If user does not have access to make at least one change, cancel all
-        # push by allowing the exception to bubble up
-        check_single_change_access(change)
->>>>>>> ce/master
      end
    end

@@ -233,17 +225,16 @@ module Gitlab
      actor.is_a?(DeployKey)
    end

-<<<<<<< HEAD
    def geo_node_key
      actor if geo_node_key?
    end

    def geo_node_key?
      actor.is_a?(GeoNodeKey)
-=======
+    end
+
    def ci?
      actor == :ci
->>>>>>> ce/master
    end

    def can_read_project?
@@ -287,13 +278,8 @@ module Gitlab
        case actor
        when User
          actor
-<<<<<<< HEAD
-        when DeployKey
-          nil
        when GeoNodeKey
          nil
-=======
->>>>>>> ce/master
        when Key
          actor.user unless actor.is_a?(DeployKey)
        when :ci