Skip to content

G
gitlab-foss

李少辉-开发者 / gitlab-foss

通知 15
Star 0
Fork 0
G
gitlab-foss

体验新版 GitCode,发现更多精彩内容 >>

提交 8c08fb9b 编写于 作者: D Dmitriy Zaporozhets
浏览文件
操作

Merge pull request #4662 from jzi/allow_archive_for_deploy_key 

allow all git-upload-* commands for deploy keys
上级 4f07a6a9 e03d01d0
显示空白变更内容
内联 并排
Showing with 43 addition and 3 deletion
lib/api/internal.rb
浏览文件 @ 8c08fb9b
module API
# Internal access API
class Internal < Grape::API
DOWNLOAD_COMMANDS = %w{ git-upload-pack git-upload-archive }
PUSH_COMMANDS = %w{ git-receive-pack }
namespace 'internal' do
#
# Check if ssh key has access to project code
......@@ -26,16 +30,16 @@ module API
if key.is_a? DeployKey
key.projects.include?(project) && git_cmd == 'git-upload-pack'
key.projects.include?(project) && DOWNLOAD_COMMANDS.include?(git_cmd)
else
user = key.user
return false if user.blocked?
action = case git_cmd
when 'git-upload-pack', 'git-upload-archive'
when *DOWNLOAD_COMMANDS
then :download_code
when 'git-receive-pack'
when *PUSH_COMMANDS
then
if project.protected_branch?(params[:ref])
:push_code_to_protected_branches
......
spec/requests/api/internal_spec.rb
浏览文件 @ 8c08fb9b
......@@ -100,6 +100,32 @@ describe API::API do
end
end
end
context "deploy key" do
let(:key) { create(:deploy_key) }
context "added to project" do
before do
key.projects << project
end
it do
archive(key, project)
response.status.should == 200
response.body.should == 'true'
end
end
context "not added to project" do
it do
archive(key, project)
response.status.should == 200
response.body.should == 'false'
end
end
end
end
def pull(key, project)
......@@ -121,4 +147,14 @@ describe API::API do
action: 'git-receive-pack'
)
end
def archive(key, project)
get(
api("/internal/allowed"),
ref: 'master',
key_id: key.id,
project: project.path_with_namespace,
action: 'git-upload-archive'
)
end
end
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册