Commit d698d3e8 authored by Jacob Vosmaer's avatar Jacob Vosmaer

More changes suggested by Rémy

parent b64cbacc
class Projects::GitHttpController < Projects::ApplicationController class Projects::GitHttpController < Projects::ApplicationController
attr_reader :user
skip_before_action :repository skip_before_action :repository
before_action :authenticate_user before_action :authenticate_user
before_action :ensure_project_found? before_action :ensure_project_found!
# GET /foo/bar.git/info/refs?service=git-upload-pack (git pull) # GET /foo/bar.git/info/refs?service=git-upload-pack (git pull)
# GET /foo/bar.git/info/refs?service=git-receive-pack (git push) # GET /foo/bar.git/info/refs?service=git-receive-pack (git push)
...@@ -47,29 +49,29 @@ class Projects::GitHttpController < Projects::ApplicationController ...@@ -47,29 +49,29 @@ class Projects::GitHttpController < Projects::ApplicationController
end end
end end
def ensure_project_found? def ensure_project_found!
render_not_found if project.blank? render_not_found if project.blank?
end end
def valid_ci_request?(login, password) def valid_ci_request?(login, password)
matched_login = /(?<service>^[a-zA-Z]*-ci)-token$/.match(login) matched_login = /(?<service>^[a-zA-Z]*-ci)-token$/.match(login)
if project && matched_login.present? && upload_pack? unless project && matched_login.present? && upload_pack?
return false
end
underscored_service = matched_login['service'].underscore underscored_service = matched_login['service'].underscore
if underscored_service == 'gitlab_ci' if underscored_service == 'gitlab_ci'
return project && project.valid_build_token?(password) project && project.valid_build_token?(password)
elsif Service.available_services_names.include?(underscored_service) elsif Service.available_services_names.include?(underscored_service)
# We treat underscored_service as a trusted input because it is included # We treat underscored_service as a trusted input because it is included
# in the Service.available_services_names whitelist. # in the Service.available_services_names whitelist.
service_method = "#{underscored_service}_service" service_method = "#{underscored_service}_service"
service = project.send(service_method) service = project.send(service_method)
return service && service.activated? && service.valid_token?(password) service && service.activated? && service.valid_token?(password)
end
end end
false
end end
def oauth_access_token_check(login, password) def oauth_access_token_check(login, password)
...@@ -185,10 +187,6 @@ class Projects::GitHttpController < Projects::ApplicationController ...@@ -185,10 +187,6 @@ class Projects::GitHttpController < Projects::ApplicationController
!!@ci !!@ci
end end
def user
@user
end
def upload_pack_allowed? def upload_pack_allowed?
if !Gitlab.config.gitlab_shell.upload_pack if !Gitlab.config.gitlab_shell.upload_pack
false false
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment