Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
d698d3e8
Commit
d698d3e8
authored
Apr 25, 2016
by
Jacob Vosmaer
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
More changes suggested by Rémy
parent
b64cbacc
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
17 additions
and
19 deletions
+17
-19
app/controllers/projects/git_http_controller.rb
app/controllers/projects/git_http_controller.rb
+17
-19
No files found.
app/controllers/projects/git_http_controller.rb
View file @
d698d3e8
class
Projects::GitHttpController
<
Projects
::
ApplicationController
class
Projects::GitHttpController
<
Projects
::
ApplicationController
attr_reader
:user
skip_before_action
:repository
skip_before_action
:repository
before_action
:authenticate_user
before_action
:authenticate_user
before_action
:ensure_project_found
?
before_action
:ensure_project_found
!
# GET /foo/bar.git/info/refs?service=git-upload-pack (git pull)
# GET /foo/bar.git/info/refs?service=git-upload-pack (git pull)
# GET /foo/bar.git/info/refs?service=git-receive-pack (git push)
# GET /foo/bar.git/info/refs?service=git-receive-pack (git push)
...
@@ -47,29 +49,29 @@ class Projects::GitHttpController < Projects::ApplicationController
...
@@ -47,29 +49,29 @@ class Projects::GitHttpController < Projects::ApplicationController
end
end
end
end
def
ensure_project_found
?
def
ensure_project_found
!
render_not_found
if
project
.
blank?
render_not_found
if
project
.
blank?
end
end
def
valid_ci_request?
(
login
,
password
)
def
valid_ci_request?
(
login
,
password
)
matched_login
=
/(?<service>^[a-zA-Z]*-ci)-token$/
.
match
(
login
)
matched_login
=
/(?<service>^[a-zA-Z]*-ci)-token$/
.
match
(
login
)
if
project
&&
matched_login
.
present?
&&
upload_pack?
unless
project
&&
matched_login
.
present?
&&
upload_pack?
return
false
end
underscored_service
=
matched_login
[
'service'
].
underscore
underscored_service
=
matched_login
[
'service'
].
underscore
if
underscored_service
==
'gitlab_ci'
if
underscored_service
==
'gitlab_ci'
return
project
&&
project
.
valid_build_token?
(
password
)
project
&&
project
.
valid_build_token?
(
password
)
elsif
Service
.
available_services_names
.
include?
(
underscored_service
)
elsif
Service
.
available_services_names
.
include?
(
underscored_service
)
# We treat underscored_service as a trusted input because it is included
# We treat underscored_service as a trusted input because it is included
# in the Service.available_services_names whitelist.
# in the Service.available_services_names whitelist.
service_method
=
"
#{
underscored_service
}
_service"
service_method
=
"
#{
underscored_service
}
_service"
service
=
project
.
send
(
service_method
)
service
=
project
.
send
(
service_method
)
return
service
&&
service
.
activated?
&&
service
.
valid_token?
(
password
)
service
&&
service
.
activated?
&&
service
.
valid_token?
(
password
)
end
end
end
false
end
end
def
oauth_access_token_check
(
login
,
password
)
def
oauth_access_token_check
(
login
,
password
)
...
@@ -185,10 +187,6 @@ class Projects::GitHttpController < Projects::ApplicationController
...
@@ -185,10 +187,6 @@ class Projects::GitHttpController < Projects::ApplicationController
!!
@ci
!!
@ci
end
end
def
user
@user
end
def
upload_pack_allowed?
def
upload_pack_allowed?
if
!
Gitlab
.
config
.
gitlab_shell
.
upload_pack
if
!
Gitlab
.
config
.
gitlab_shell
.
upload_pack
false
false
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment