Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
gitlab-foss
提交
7dd18a3e
G
gitlab-foss
项目概览
李少辉-开发者
/
gitlab-foss
通知
15
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
G
gitlab-foss
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
未验证
提交
7dd18a3e
编写于
3月 21, 2014
作者:
D
Dmitriy Zaporozhets
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Fix http clone for public project
Signed-off-by:
N
Dmitriy Zaporozhets
<
dmitriy.zaporozhets@gmail.com
>
上级
8ae59330
变更
2
隐藏空白更改
内联
并排
Showing
2 changed file
with
38 addition
and
26 deletion
+38
-26
lib/gitlab/backend/grack_auth.rb
lib/gitlab/backend/grack_auth.rb
+36
-24
lib/gitlab/git_access.rb
lib/gitlab/git_access.rb
+2
-2
未找到文件。
lib/gitlab/backend/grack_auth.rb
浏览文件 @
7dd18a3e
...
...
@@ -22,14 +22,16 @@ module Grack
@env
[
'SCRIPT_NAME'
]
=
""
auth!
if
project
auth!
else
render_not_found
end
end
private
def
auth!
return
render_not_found
unless
project
if
@auth
.
provided?
return
bad_request
unless
@auth
.
basic?
...
...
@@ -38,12 +40,8 @@ module Grack
# Allow authentication for GitLab CI service
# if valid token passed
if
login
==
"gitlab-ci-token"
&&
project
.
gitlab_ci?
token
=
project
.
gitlab_ci_service
.
token
if
token
.
present?
&&
token
==
password
&&
service_name
==
'git-upload-pack'
return
@app
.
call
(
env
)
end
if
gitlab_ci_request?
(
login
,
password
)
return
@app
.
call
(
env
)
end
@user
=
authenticate_user
(
login
,
password
)
...
...
@@ -51,23 +49,26 @@ module Grack
if
@user
Gitlab
::
ShellEnv
.
set_env
(
@user
)
@env
[
'REMOTE_USER'
]
=
@auth
.
username
else
return
unauthorized
end
else
return
unauthorized
unless
project
.
public?
end
if
authorized_
git_
request?
if
authorized_request?
@app
.
call
(
env
)
else
unauthorized
end
end
def
authorized_git_request?
authorize_request
(
service_name
)
def
gitlab_ci_request?
(
login
,
password
)
if
login
==
"gitlab-ci-token"
&&
project
.
gitlab_ci?
token
=
project
.
gitlab_ci_service
.
token
if
token
.
present?
&&
token
==
password
&&
git_cmd
==
'git-upload-pack'
true
end
end
false
end
def
authenticate_user
(
login
,
password
)
...
...
@@ -75,20 +76,31 @@ module Grack
auth
.
find
(
login
,
password
)
end
def
authorize
_request
(
service
)
case
service
def
authorize
d_request?
case
git_cmd
when
*
Gitlab
::
GitAccess
::
DOWNLOAD_COMMANDS
# Serve only upload request.
# Authorization on push will be serverd by update hook in repository
Gitlab
::
GitAccess
.
new
.
download_allowed?
(
user
,
project
)
if
user
Gitlab
::
GitAccess
.
new
.
download_allowed?
(
user
,
project
)
elsif
project
.
public?
# Allow clone/fetch for public projects
true
else
false
end
when
*
Gitlab
::
GitAccess
::
PUSH_COMMANDS
true
if
user
# Skip user authorization on upload request.
# It will be serverd by update hook in repository
true
else
false
end
else
false
end
end
def
service_name
def
git_cmd
if
@request
.
get?
@request
.
params
[
'service'
]
elsif
@request
.
post?
...
...
lib/gitlab/git_access.rb
浏览文件 @
7dd18a3e
...
...
@@ -34,7 +34,7 @@ module Gitlab
end
def
download_allowed?
(
user
,
project
)
if
user_allowed?
(
user
)
if
user
&&
user
_allowed?
(
user
)
user
.
can?
(
:download_code
,
project
)
else
false
...
...
@@ -42,7 +42,7 @@ module Gitlab
end
def
push_allowed?
(
user
,
project
,
ref
,
oldrev
,
newrev
)
if
user_allowed?
(
user
)
if
user
&&
user
_allowed?
(
user
)
action
=
if
project
.
protected_branch?
(
ref
)
:push_code_to_protected_branches
else
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录