Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-shell
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-shell
Commits
2f191520
Commit
2f191520
authored
Jun 29, 2015
by
Artem V. Navrotskiy
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add git-lfs-authenticate to command white list
parent
4d30c0c5
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
16 additions
and
3 deletions
+16
-3
lib/gitlab_shell.rb
lib/gitlab_shell.rb
+16
-3
No files found.
lib/gitlab_shell.rb
View file @
2f191520
...
...
@@ -7,7 +7,7 @@ class GitlabShell
class
DisallowedCommandError
<
StandardError
;
end
class
InvalidRepositoryPathError
<
StandardError
;
end
GIT_COMMANDS
=
%w(git-upload-pack git-receive-pack git-upload-archive git-annex-shell)
.
freeze
GIT_COMMANDS
=
%w(git-upload-pack git-receive-pack git-upload-archive git-annex-shell
git-lfs-authenticate
)
.
freeze
attr_accessor
:key_id
,
:repo_name
,
:git_cmd
,
:repos_path
,
:repo_name
...
...
@@ -56,16 +56,29 @@ class GitlabShell
def
parse_cmd
args
=
Shellwords
.
shellwords
(
@origin_cmd
)
@git_cmd
=
args
.
first
@git_access
=
@git_cmd
raise
DisallowedCommandError
unless
GIT_COMMANDS
.
include?
(
@git_cmd
)
if
@git_cmd
==
'git-annex-shell'
case
@git_cmd
when
'git-annex-shell'
raise
DisallowedCommandError
unless
@config
.
git_annex_enabled?
@repo_name
=
escape_path
(
args
[
2
].
sub
(
/\A\/~\//
,
''
))
# Make sure repository has git-annex enabled
init_git_annex
(
@repo_name
)
when
'git-lfs-authenticate'
raise
DisallowedCommandError
unless
args
.
count
>=
2
@repo_name
=
escape_path
(
args
[
1
])
case
args
[
2
]
when
'download'
@git_access
=
'git-upload-pack'
when
'upload'
@git_access
=
'git-receive-pack'
else
raise
DisallowedCommandError
end
else
raise
DisallowedCommandError
unless
args
.
count
==
2
@repo_name
=
escape_path
(
args
.
last
)
...
...
@@ -73,7 +86,7 @@ class GitlabShell
end
def
verify_access
status
=
api
.
check_access
(
@git_
cmd
,
@repo_name
,
@key_id
,
'_any'
)
status
=
api
.
check_access
(
@git_
access
,
@repo_name
,
@key_id
,
'_any'
)
raise
AccessDeniedError
,
status
.
message
unless
status
.
allowed?
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment