Commit 5c20e50f authored by Ben Boeckel's avatar Ben Boeckel

lfs: do not require auth for public repositories

LFS has the `authenticated` field in the response for downloads of
objects to indicate that the object does not need authentication to
access it.

Spec: https://github.com/git-lfs/git-lfs/blob/master/docs/api/batch.md#successful-responses

Fixes #23360.
parent d391f743
...@@ -48,6 +48,10 @@ class Projects::LfsApiController < Projects::GitHttpClientController ...@@ -48,6 +48,10 @@ class Projects::LfsApiController < Projects::GitHttpClientController
objects.each do |object| objects.each do |object|
if existing_oids.include?(object[:oid]) if existing_oids.include?(object[:oid])
object[:actions] = download_actions(object) object[:actions] = download_actions(object)
if Guest.can?(:download_code, project)
object[:authenticated] = true
end
else else
object[:error] = { object[:error] = {
code: 404, code: 404,
......
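Review bot: The `authenticated` flag set in the `existing_oids` branch is only a hint telling the LFS client to skip its credential lookup, so it should not be read as the access decision. The object download endpoint is not visible in this hunk and presumably enforces `download_code` on its own; a comment above the assignment would record that dependency, e.g. `# Client hint only (LFS batch spec); the object download endpoint must still check :download_code.` Separately, `Guest.can?(:download_code, project)` does not depend on `object`, so it can be evaluated once before `objects.each` as `guest_can_download = Guest.can?(:download_code, project)` and applied with `object[:authenticated] = true if guest_can_download`. The enclosing method starts and ends outside the hunk.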
---
title: Support unauthenticated LFS object downloads for public projects
merge_request: 8824
author: Ben Boeckel
...@@ -600,6 +600,7 @@ describe 'Git LFS API and storage' do ...@@ -600,6 +600,7 @@ describe 'Git LFS API and storage' do
expect(json_response).to eq('objects' => [ expect(json_response).to eq('objects' => [
{ 'oid' => sample_oid, { 'oid' => sample_oid,
'size' => sample_size, 'size' => sample_size,
'authenticated' => true,
'actions' => { 'actions' => {
'download' => { 'download' => {
'href' => "#{project.http_url_to_repo}/gitlab-lfs/objects/#{sample_oid}", 'href' => "#{project.http_url_to_repo}/gitlab-lfs/objects/#{sample_oid}",
......