Commit baa733c6 authored by Douwe Maan's avatar Douwe Maan

Merge branch 'cernvcs/gitlab-ee-feature/kerberos_ui_project_url'

parents 6b4f97f8 5f29d77c
v 8.3.0 (unreleased)
- License information can now be retrieved via the API
- Show Kerberos clone url when Kerberos enabled and url different than HTTP url (Borja Aparicio)
- Fix bug with negative approvals required
- Add group contribution statistics page
......
......@@ -4,8 +4,11 @@ class @Project
$('.js-protocol-switch').click ->
return if $(@).hasClass('active')
# Toggle 'active' for both buttons
$('.js-protocol-switch').toggleClass('active')
# Remove the active class for all buttons (ssh, http, kerberos if shown)
$('.active').not($(@)).removeClass('active');
# Add the active class for the clicked button
$(@).toggleClass('active')
url = $(@).data('clone')
......
......@@ -55,4 +55,20 @@ module ButtonHelper
},
type: :button
end
def kerberos_clone_button(project)
klass = 'btn js-protocol-switch'
klass << ' active' if default_clone_protocol == 'kerberos'
klass << ' has_tooltip'
content_tag :button, 'KRB5',
class: klass,
data: {
clone: project.kerberos_url_to_repo,
container: 'body',
html: 'true',
title: 'Get a Kerberos token for your account with kinit<br>to pull or push via Kerberos.'
},
type: :button
end
end
......@@ -182,6 +182,11 @@ module ProjectsHelper
current_user ? "ssh" : "http"
end
# Given the current GitLab configuration, check whether the GitLab URL for Kerberos is going to be different than the HTTP URL
def alternative_kerberos_url?
Gitlab.config.alternative_gitlab_kerberos_url?
end
def project_last_activity(project)
if project.last_activity_at
time_ago_with_tooltip(project.last_activity_at, placement: 'bottom', html_class: 'last_activity_time_ago')
......
......@@ -727,6 +727,11 @@ class Project < ActiveRecord::Base
"#{web_url}.git"
end
# No need to have a Kerberos Web url. Kerberos URL will be used only to clone
def kerberos_url_to_repo
"#{Gitlab.config.build_gitlab_kerberos_url + Gitlab::Application.routes.url_helpers.namespace_project_path(self.namespace, self)}.git"
end
# Check if current branch name is marked as protected in the system
def protected_branch?(branch_name)
protected_branches_names.include?(branch_name)
......
......@@ -5,6 +5,9 @@
= ssh_clone_button(project)
.input-group-btn
= http_clone_button(project)
- if alternative_kerberos_url?
.input-group-btn
= kerberos_clone_button(project)
= text_field_tag :project_clone, default_url_to_repo(project), class: "js-select-on-focus form-control", readonly: true
.input-group-btn
= clipboard_button(clipboard_target: '#project_clone')
......@@ -54,6 +54,30 @@ class Settings < Settingslogic
(base_gitlab_url + [gitlab.relative_url_root]).join('')
end
def kerberos_protocol
kerberos.https ? "https" : "http"
end
def kerberos_port
kerberos.use_dedicated_port ? kerberos.port : gitlab.port
end
# Curl expects username/password for authentication. However when using GSS-Negotiate not credentials should be needed.
# By inserting in the Kerberos dedicated URL ":@", we give to curl an empty username and password and GSS auth goes ahead
# Known bug reported in http://sourceforge.net/p/curl/bugs/440/ and http://curl.haxx.se/docs/knownbugs.html
def build_gitlab_kerberos_url
[ kerberos_protocol,
"://:@",
gitlab.host,
":#{kerberos_port}",
gitlab.relative_url_root
].join('')
end
def alternative_gitlab_kerberos_url?
kerberos.enabled && (build_gitlab_kerberos_url != build_gitlab_url)
end
# check that values in `current` (string or integer) is a contant in `modul`.
def verify_constant_array(modul, current, default)
values = default || []
......
......@@ -12,8 +12,9 @@ Feature: Project Create
And I should see empty project instuctions
@javascript
Scenario: Empty project instructions
Scenario: Empty project instructions with Kerberos disabled
Given I sign in as a user
Given KRB5 disabled
When I visit new project page
And fill project form with valid data
Then I see empty project instuctions
......@@ -21,3 +22,18 @@ Feature: Project Create
Then Remote url should update to http link
And If I click on SSH
Then Remote url should update to ssh link
@javascript
Scenario: Empty project instructions with Kerberos enabled
Given I sign in as a user
Given KRB5 enabled
When I visit new project page
And fill project form with valid data
Then I see empty project instuctions
And I click on HTTP
Then Remote url should update to http link
And If I click on SSH
Then Remote url should update to ssh link
And If I click on KRB5
Then Remote url should update to kerberos link
And KRB5 disabled
......@@ -18,6 +18,16 @@ class Spinach::Features::ProjectCreate < Spinach::FeatureSteps
expect(page).to have_content Project.last.url_to_repo
end
step 'KRB5 enabled' do
# Enable Kerberos in an alternative port to force Kerberos button and URL to show up in the UI
allow(Gitlab.config.kerberos).to receive(:enabled).and_return(true)
allow(Gitlab.config.kerberos).to receive(:use_dedicated_port).and_return(true)
end
step 'KRB5 disabled' do
allow(Gitlab.config.kerberos).to receive(:enabled).and_return(false)
end
step 'I see empty project instuctions' do
expect(page).to have_content "git init"
expect(page).to have_content "git remote"
......@@ -39,4 +49,12 @@ class Spinach::Features::ProjectCreate < Spinach::FeatureSteps
step 'Remote url should update to ssh link' do
expect(page).to have_content "git remote add origin #{Project.last.url_to_repo}"
end
step 'If I click on KRB5' do
click_button 'KRB5'
end
step 'Remote url should update to kerberos link' do
expect(page).to have_content "git remote add origin #{Project.last.kerberos_url_to_repo}"
end
end
......@@ -128,6 +128,14 @@ describe Project do
end
end
describe "#kerberos_url_to_repo" do
let(:project) { create(:empty_project, path: "somewhere") }
it 'should return valid kerberos url for this repo' do
expect(project.kerberos_url_to_repo).to eq("#{Gitlab.config.build_gitlab_kerberos_url}/#{project.namespace.path}/somewhere.git")
end
end
describe 'last_activity methods' do
let(:project) { create(:project) }
let(:last_event) { double(created_at: Time.now) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment