Default Git access protocol to `web`

29c50c53 · Patricio Cano · fbaabb39 · 29c50c53 · 29c50c53 · 29c50c53
Commit 29c50c53 authored Jun 29, 2016 by Patricio Cano
9 changed files
--- a/app/helpers/application_settings_helper.rb
+++ b/app/helpers/application_settings_helper.rb
@@ -44,19 +44,15 @@ module ApplicationSettingsHelper
    end
  end

-  def enabled_project_tooltip(project, protocol)
+  def enabled_project_button(project, protocol)
    case protocol
    when 'ssh'
-      sanitize_clone_button(ssh_clone_button(project, 'bottom'))
+      ssh_clone_button(project, 'bottom', false)
    else
-      sanitize_clone_button(http_clone_button(project, 'bottom'))
+      http_clone_button(project, 'bottom', false)
    end
  end

-  def sanitize_clone_button(input)
-    sanitize(input, tags: %w(a), attributes: %w(id class title data-html data-container data-placement data-title data-original-title aria-describedby))
-  end
-
  # Return a group of checkboxes that use Bootstrap's button plugin for a
  # toggle button effect.
  def restricted_level_checkboxes(help_block_id)

--- a/app/helpers/branches_helper.rb
+++ b/app/helpers/branches_helper.rb
@@ -12,7 +12,7 @@ module BranchesHelper
  def can_push_branch?(project, branch_name)
    return false unless project.repository.branch_exists?(branch_name)

-    ::Gitlab::GitAccess.new(current_user, project, 'web').can_push_to_branch?(branch_name)
+    ::Gitlab::GitAccess.new(current_user, project).can_push_to_branch?(branch_name)
  end

  def project_branches

--- a/app/helpers/button_helper.rb
+++ b/app/helpers/button_helper.rb
@@ -40,7 +40,7 @@ module ButtonHelper
      type: :button
  end

-  def http_clone_button(project, placement = 'right')
+  def http_clone_button(project, placement = 'right', append_link = true)
    klass = 'http-selector'
    klass << ' has-tooltip' if current_user.try(:require_password?)

@@ -48,7 +48,7 @@ module ButtonHelper

    content_tag :a, protocol,
      class: klass,
-      href: project.http_url_to_repo,
+      href: (project.http_url_to_repo if append_link),
      data: {
        html: true,
        placement: placement,
@@ -57,13 +57,13 @@ module ButtonHelper
      }
  end

-  def ssh_clone_button(project, placement = 'right')
+  def ssh_clone_button(project, placement = 'right', append_link = true)
    klass = 'ssh-selector'
    klass << ' has-tooltip' if current_user.try(:require_ssh_key?)

    content_tag :a, 'SSH',
      class: klass,
-      href: project.ssh_url_to_repo,
+      href: (project.ssh_url_to_repo if append_link),
      data: {
        html: true,
        placement: placement,

--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -481,7 +481,7 @@ class MergeRequest < ActiveRecord::Base
  end

  def can_be_merged_by?(user)
-    ::Gitlab::GitAccess.new(user, project, 'web').can_push_to_branch?(target_branch)
+    ::Gitlab::GitAccess.new(user, project).can_push_to_branch?(target_branch)
  end

  def mergeable_ci_state?

--- a/app/services/commits/change_service.rb
+++ b/app/services/commits/change_service.rb
@@ -23,7 +23,7 @@ module Commits
    private

    def check_push_permissions
-      allowed = ::Gitlab::GitAccess.new(current_user, project, 'web').can_push_to_branch?(@target_branch)
+      allowed = ::Gitlab::GitAccess.new(current_user, project).can_push_to_branch?(@target_branch)

      unless allowed
        raise ValidationError.new('You are not allowed to push into this branch')

--- a/app/services/files/base_service.rb
+++ b/app/services/files/base_service.rb
@@ -43,7 +43,7 @@ module Files
    end

    def validate
-      allowed = ::Gitlab::GitAccess.new(current_user, project, 'web').can_push_to_branch?(@target_branch)
+      allowed = ::Gitlab::GitAccess.new(current_user, project).can_push_to_branch?(@target_branch)

      unless allowed
        raise_error("You are not allowed to push into this branch")

--- a/lib/gitlab/git_access.rb
+++ b/lib/gitlab/git_access.rb
@@ -5,7 +5,7 @@ module Gitlab

    attr_reader :actor, :project, :protocol

-    def initialize(actor, project, protocol)
+    def initialize(actor, project, protocol = 'web')
      @actor    = actor
      @project  = project
      @protocol = protocol
@@ -50,8 +50,6 @@ module Gitlab
    end

    def check(cmd, changes = nil)
-      raise 'Access denied due to unspecified Git access protocol' unless protocol.present?
-
      return build_status_object(false, "Git access over #{protocol.upcase} is not allowed") unless protocol_allowed?

      unless actor

--- a/lib/gitlab/protocol_access.rb
+++ b/lib/gitlab/protocol_access.rb
 module Gitlab
  module ProtocolAccess
    def self.allowed?(protocol)
-      if protocol.to_s == 'web'
+      if protocol == 'web'
        true
      elsif current_application_settings.enabled_git_access_protocol.blank?
        true
      else
-        protocol.to_s == current_application_settings.enabled_git_access_protocol
+        protocol == current_application_settings.enabled_git_access_protocol
      end
    end
  end

--- a/spec/lib/gitlab/git_access_spec.rb
+++ b/spec/lib/gitlab/git_access_spec.rb
 require 'spec_helper'

 describe Gitlab::GitAccess, lib: true do
-  let(:access) { Gitlab::GitAccess.new(actor, project, 'web') }
+  let(:access) { Gitlab::GitAccess.new(actor, project) }
  let(:project) { create(:project) }
  let(:user) { create(:user) }
  let(:actor) { user }