Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Boxiang Sun
gitlab-ce
Commits
9397ce91
Commit
9397ce91
authored
8 years ago
by
Patricio Cano
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Correct access control flow for Git HTTP requests.
parent
da15471b
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
12 additions
and
6 deletions
+12
-6
app/controllers/projects/git_http_controller.rb
app/controllers/projects/git_http_controller.rb
+8
-2
lib/gitlab/git_access.rb
lib/gitlab/git_access.rb
+4
-4
No files found.
app/controllers/projects/git_http_controller.rb
View file @
9397ce91
...
...
@@ -174,14 +174,20 @@ class Projects::GitHttpController < Projects::ApplicationController
end
end
def
access
return
@access
if
defined?
(
@access
)
@access
=
Gitlab
::
GitAccess
.
new
(
user
,
project
,
'http'
)
end
def
download_access
return
@download_access
if
defined?
(
@download_access
)
@download_access
=
Gitlab
::
GitAccess
.
new
(
user
,
project
,
'http'
)
.
check
(
'git-upload-pack'
)
@download_access
=
access
.
check
(
'git-upload-pack'
)
end
def
http_blocked?
download_
access
.
protocol_allowed?
!
access
.
protocol_allowed?
end
def
receive_pack_allowed?
...
...
This diff is collapsed.
Click to expand it.
lib/gitlab/git_access.rb
View file @
9397ce91
...
...
@@ -169,6 +169,10 @@ module Gitlab
Gitlab
::
ForcePushCheck
.
force_push?
(
project
,
oldrev
,
newrev
)
end
def
protocol_allowed?
Gitlab
::
ProtocolAccess
.
allowed?
(
protocol
)
end
private
def
protected_branch_action
(
oldrev
,
newrev
,
branch_name
)
...
...
@@ -193,10 +197,6 @@ module Gitlab
Gitlab
::
UserAccess
.
allowed?
(
user
)
end
def
protocol_allowed?
Gitlab
::
ProtocolAccess
.
allowed?
(
protocol
)
end
def
branch_name
(
ref
)
ref
=
ref
.
to_s
if
Gitlab
::
Git
.
branch_ref?
(
ref
)
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment