Commit da15471b authored by Patricio Cano's avatar Patricio Cano

Clarify protocol access check, and make Git HTTP access call more specific.

parent 0f54e2ae
......@@ -157,7 +157,7 @@ class Projects::GitHttpController < Projects::ApplicationController
end
def render_not_allowed
render plain: access.message, status: :forbidden
render plain: download_access.message, status: :forbidden
end
def ci?
......@@ -168,20 +168,20 @@ class Projects::GitHttpController < Projects::ApplicationController
return false unless Gitlab.config.gitlab_shell.upload_pack
if user
access.allowed?
download_access.allowed?
else
ci? || project.public?
end
end
def access
return @access if defined?(@access)
def download_access
return @download_access if defined?(@download_access)
@access = Gitlab::GitAccess.new(user, project, 'http').check('git-upload-pack')
@download_access = Gitlab::GitAccess.new(user, project, 'http').check('git-upload-pack')
end
def http_blocked?
access.message.include?('HTTP')
download_access.protocol_allowed?
end
def receive_pack_allowed?
......
......@@ -3,7 +3,7 @@ module Gitlab
def self.allowed?(protocol)
if protocol.to_s == 'web'
true
elsif !current_application_settings.enabled_git_access_protocols.present?
elsif current_application_settings.enabled_git_access_protocols.blank?
true
else
protocol.to_s == current_application_settings.enabled_git_access_protocols
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment