Commit 182aa19e authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Parse all refs when do push via HTTP and check permissions for all of them

Signed-off-by: default avatarDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
parent 3f3b202c
...@@ -82,13 +82,17 @@ module Grack ...@@ -82,13 +82,17 @@ module Grack
when 'git-upload-pack' when 'git-upload-pack'
project.public || can?(user, :download_code, project) project.public || can?(user, :download_code, project)
when'git-receive-pack' when'git-receive-pack'
refs.each do |ref|
action = if project.protected_branch?(ref) action = if project.protected_branch?(ref)
:push_code_to_protected_branches :push_code_to_protected_branches
else else
:push_code :push_code
end end
can?(user, action, project) return false unless can?(user, action, project)
end
true
else else
false false
end end
...@@ -108,11 +112,11 @@ module Grack ...@@ -108,11 +112,11 @@ module Grack
@project ||= project_by_path(@request.path_info) @project ||= project_by_path(@request.path_info)
end end
def ref def refs
@ref ||= parse_ref @refs ||= parse_refs
end end
def parse_ref def parse_refs
input = if @env["HTTP_CONTENT_ENCODING"] =~ /gzip/ input = if @env["HTTP_CONTENT_ENCODING"] =~ /gzip/
Zlib::GzipReader.new(@request.body).read Zlib::GzipReader.new(@request.body).read
else else
...@@ -121,7 +125,7 @@ module Grack ...@@ -121,7 +125,7 @@ module Grack
# Need to reset seek point # Need to reset seek point
@request.body.rewind @request.body.rewind
/refs\/heads\/([\/\w\.-]+)/n.match(input.force_encoding('ascii-8bit')).to_a.last input.force_encoding('ascii-8bit').scan(/refs\/heads\/([\/\w\.-]+)/n).flatten.compact
end end
end end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment