Commit 83e83b66 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Improve grack auth

Signed-off-by: default avatarDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
parent 612a909e
require_relative 'shell_env' require_relative 'shell_env'
require_relative 'grack_helpers'
module Grack module Grack
class Auth < Rack::Auth::Basic class Auth < Rack::Auth::Basic
include Helpers
attr_accessor :user, :project, :env attr_accessor :user, :project, :env
...@@ -79,12 +77,14 @@ module Grack ...@@ -79,12 +77,14 @@ module Grack
def authorize_request(service) def authorize_request(service)
case service case service
when 'git-upload-pack' when *Gitlab::GitAccess::DOWNLOAD_COMMANDS
# Serve only upload request. # Serve only upload request.
# Authorization on push will be serverd by update hook in repository # Authorization on push will be serverd by update hook in repository
Gitlab::GitAccess.new.download_allowed?(user, project) Gitlab::GitAccess.new.download_allowed?(user, project)
else when *Gitlab::GitAccess::PUSH_COMMANDS
true true
else
false
end end
end end
...@@ -101,5 +101,18 @@ module Grack ...@@ -101,5 +101,18 @@ module Grack
def project def project
@project ||= project_by_path(@request.path_info) @project ||= project_by_path(@request.path_info)
end end
def project_by_path(path)
if m = /^([\w\.\/-]+)\.git/.match(path).to_a
path_with_namespace = m.last
path_with_namespace.gsub!(/\.wiki$/, '')
Project.find_with_namespace(path_with_namespace)
end
end
def render_not_found
[404, {"Content-Type" => "text/plain"}, ["Not Found"]]
end
end end
end end
module Grack
module Helpers
def project_by_path(path)
if m = /^([\w\.\/-]+)\.git/.match(path).to_a
path_with_namespace = m.last
path_with_namespace.gsub!(/\.wiki$/, '')
Project.find_with_namespace(path_with_namespace)
end
end
def render_not_found
[404, {"Content-Type" => "text/plain"}, ["Not Found"]]
end
def can?(object, action, subject)
abilities.allowed?(object, action, subject)
end
def abilities
@abilities ||= begin
abilities = Six.new
abilities << Ability
abilities
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment