Commit 551e84c2 authored by Douwe Maan's avatar Douwe Maan

Skip change access check for deploy keys

parent bc7a1aff
......@@ -10,7 +10,7 @@ module Gitlab
attr_reader(*ATTRIBUTES)
def initialize(
change, user_access:, project:, skip_authorization: false,
change, user_access:, project:,
skip_lfs_integrity_check: false, protocol:, logger:
)
@oldrev, @newrev, @ref = change.values_at(:oldrev, :newrev, :ref)
......@@ -18,7 +18,6 @@ module Gitlab
@tag_name = Gitlab::Git.tag_name(@ref)
@user_access = user_access
@project = project
@skip_authorization = skip_authorization
@skip_lfs_integrity_check = skip_lfs_integrity_check
@protocol = protocol
......@@ -27,8 +26,6 @@ module Gitlab
end
def exec
return true if skip_authorization
ref_level_checks
# Check of commits should happen as the last step
# given they're expensive in terms of performance
......
......@@ -266,6 +266,9 @@ module Gitlab
end
def check_change_access!
# Deploy keys with write access can push anything
return if deploy_key?
# If there are worktrees with a HEAD pointing to a non-existent object,
# calls to `git rev-list --all` will fail in git 2.15+. This should also
# clear stale lock files.
......@@ -286,7 +289,6 @@ module Gitlab
change,
user_access: user_access,
project: project,
skip_authorization: deploy_key?,
skip_lfs_integrity_check: skip_lfs_integrity_check,
protocol: protocol,
logger: logger
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment