Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
da15471b
Commit
da15471b
authored
Jun 27, 2016
by
Patricio Cano
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Clarify protocol access check, and make Git HTTP access call more specific.
parent
0f54e2ae
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
7 additions
and
7 deletions
+7
-7
app/controllers/projects/git_http_controller.rb
app/controllers/projects/git_http_controller.rb
+6
-6
lib/gitlab/protocol_access.rb
lib/gitlab/protocol_access.rb
+1
-1
No files found.
app/controllers/projects/git_http_controller.rb
View file @
da15471b
...
@@ -157,7 +157,7 @@ class Projects::GitHttpController < Projects::ApplicationController
...
@@ -157,7 +157,7 @@ class Projects::GitHttpController < Projects::ApplicationController
end
end
def
render_not_allowed
def
render_not_allowed
render
plain:
access
.
message
,
status: :forbidden
render
plain:
download_
access
.
message
,
status: :forbidden
end
end
def
ci?
def
ci?
...
@@ -168,20 +168,20 @@ class Projects::GitHttpController < Projects::ApplicationController
...
@@ -168,20 +168,20 @@ class Projects::GitHttpController < Projects::ApplicationController
return
false
unless
Gitlab
.
config
.
gitlab_shell
.
upload_pack
return
false
unless
Gitlab
.
config
.
gitlab_shell
.
upload_pack
if
user
if
user
access
.
allowed?
download_
access
.
allowed?
else
else
ci?
||
project
.
public?
ci?
||
project
.
public?
end
end
end
end
def
access
def
download_
access
return
@
access
if
defined?
(
@
access
)
return
@
download_access
if
defined?
(
@download_
access
)
@access
=
Gitlab
::
GitAccess
.
new
(
user
,
project
,
'http'
).
check
(
'git-upload-pack'
)
@
download_
access
=
Gitlab
::
GitAccess
.
new
(
user
,
project
,
'http'
).
check
(
'git-upload-pack'
)
end
end
def
http_blocked?
def
http_blocked?
access
.
message
.
include?
(
'HTTP'
)
download_access
.
protocol_allowed?
end
end
def
receive_pack_allowed?
def
receive_pack_allowed?
...
...
lib/gitlab/protocol_access.rb
View file @
da15471b
...
@@ -3,7 +3,7 @@ module Gitlab
...
@@ -3,7 +3,7 @@ module Gitlab
def
self
.
allowed?
(
protocol
)
def
self
.
allowed?
(
protocol
)
if
protocol
.
to_s
==
'web'
if
protocol
.
to_s
==
'web'
true
true
elsif
!
current_application_settings
.
enabled_git_access_protocols
.
present
?
elsif
current_application_settings
.
enabled_git_access_protocols
.
blank
?
true
true
else
else
protocol
.
to_s
==
current_application_settings
.
enabled_git_access_protocols
protocol
.
to_s
==
current_application_settings
.
enabled_git_access_protocols
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment