Fix JWT token check when repository does not exist

2d838890 · Valery Sizov · 35d4810f · 2d838890 · 2d838890 · 2d838890
Commit 2d838890 authored Apr 15, 2019 by Valery Sizov
3 changed files
--- a/ee/app/controllers/ee/projects/git_http_controller.rb
+++ b/ee/app/controllers/ee/projects/git_http_controller.rb
@@ -60,11 +60,11 @@ module EE
      end
      def jwt_scope_valid?
-        decoded_authorization[:scope] == repository.full_path
+        decoded_authorization[:scope] == repository_full_path
      end
-      def repository
+      def repository_full_path
-        wiki? ? project.wiki.repository : project.repository
+        File.join(params[:namespace_id], project_path)
      end
      def decoded_authorization

--- a/ee/changelogs/unreleased/fix_jwt_auth_for_not_existing_repository.yml
+++ b/ee/changelogs/unreleased/fix_jwt_auth_for_not_existing_repository.yml
+---
+title: Fix JWT token check when repository does not exist
+merge_request: 11033
+author:
+type: fixed
--- a/ee/spec/requests/git_http_geo_spec.rb
+++ b/ee/spec/requests/git_http_geo_spec.rb
@@ -348,6 +348,22 @@ describe "Git HTTP requests (Geo)", :geo do
      end
    end
+    context 'repository does not exist' do
+      subject do
+        make_request
+        response
+      end
+      def make_request
+        full_path = project.full_path
+        project.destroy
+        get "/#{full_path}.git/info/refs", params: { service: 'git-upload-pack' }, headers: env
+      end
+      it { is_expected.to have_gitlab_http_status(:not_found) }
+    end
    context 'invalid scope' do
      subject do
        make_request