Fixes for Geo API and whitelisted it on the readonly middleware

ca389e1f · Gabriel Mazetto · 29de1916 · ca389e1f · ca389e1f · ca389e1f
Commit ca389e1f authored Feb 18, 2016 by Gabriel Mazetto
Show whitespace changes
Inline Side-by-side

Showing with 8 additions and 4 deletions

lib/api/api.rb lib/api/api.rb +1 -0

lib/api/geo.rb lib/api/geo.rb +2 -3

lib/gitlab/middleware/readonly_geo.rb lib/gitlab/middleware/readonly_geo.rb +5 -1

No files found.
--- a/lib/api/api.rb
+++ b/lib/api/api.rb
@@ -27,6 +27,7 @@ module API
    helpers Helpers
+    mount Geo
    mount Groups
    mount GroupMembers
    mount Users

--- a/lib/api/geo.rb
+++ b/lib/api/geo.rb
@@ -10,9 +10,8 @@ module API
      # Example request:
      #   POST /refresh_projects
      post 'refresh_projects' do
-        attrs = attributes_for_keys [:projects]
+        required_attributes! [:projects]
+        ::Geo::ScheduleRepoUpdateService.new(params[:projects]).execute
-        Geo::ScheduleRepoUpdateService.new(attrs[:projects]).execute
      end
    end
  end

--- a/lib/gitlab/middleware/readonly_geo.rb
+++ b/lib/gitlab/middleware/readonly_geo.rb
@@ -25,7 +25,7 @@ module Gitlab
      private
      def disallowed_request?
-        DISALLOWED_METHODS.include?(@env['REQUEST_METHOD']) && !logout_route
+        DISALLOWED_METHODS.include?(@env['REQUEST_METHOD']) && !whitelisted_routes
      end
      def rack_flash
@@ -48,6 +48,10 @@ module Gitlab
        @route_hash ||= Rails.application.routes.recognize_path(request.url, { method: request.request_method }) rescue {}
      end
+      def whitelisted_routes
+        logout_route || @request.path.include?('api/v3/geo/refresh_projects')
+      end
      def logout_route
        route_hash[:controller] == 'sessions' && route_hash[:action] == 'destroy'
      end