Commit 119aae7d authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

GitlabAccess and GitlabPostReceive classes added

Gitlab Access handles security check. GitlabPostReceive creates a sidekiq job
Signed-off-by: default avatarDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
parent c6909d0c
require_relative 'gitlab_init'
require_relative 'gitlab_net'
require_relative 'names_helper'
require 'json'
class GitlabAccess
include NamesHelper
attr_reader :config, :repo_path, :repo_name, :changes
def initialize(repo_path, actor, changes)
@config = GitlabConfig.new
@repo_path, @actor = repo_path.strip, actor
@repo_name = extract_repo_name(@repo_path.dup, config.repos_path.to_s)
@changes = changes.lines
end
def exec
if api.allowed?('git-receive-pack', @repo_name, @actor, @changes)
exit 0
else
# reset GL_ID env since we stop git push here
ENV['GL_ID'] = nil
puts "GitLab: You are not allowed to access #{@ref_name}!"
exit 1
end
end
protected
def api
GitlabNet.new
end
end
require_relative 'gitlab_init'
require 'json'
class GitlabPostReceive
attr_reader :config, :repo_path, :changes
def initialize(repo_path, actor, changes)
@config = GitlabConfig.new
@repo_path, @actor = repo_path.strip, actor
@changes = changes.lines
end
def exec
# reset GL_ID env since we already
# get value from it
ENV['GL_ID'] = nil
update_redis
end
protected
def update_redis
queue = "#{config.redis_namespace}:queue:post_receive"
msg = JSON.dump({'class' => 'PostReceive', 'args' => [@repo_path, @actor, @changes]})
unless system(*config.redis_command, 'rpush', queue, msg, err: '/dev/null', out: '/dev/null')
puts "GitLab: An unexpected error occurred (redis-cli returned #{$?.exitstatus})."
exit 1
end
end
end
...@@ -18,9 +18,11 @@ class GitlabProjects ...@@ -18,9 +18,11 @@ class GitlabProjects
attr_reader :full_path attr_reader :full_path
def self.create_hooks(path) def self.create_hooks(path)
hook = File.join(path, 'hooks', 'update') %w(pre-receive post-receive).each do |hook_name|
File.delete(hook) if File.exists?(hook) hook = File.join(path, 'hooks', hook_name)
File.symlink(File.join(ROOT_PATH, 'hooks', 'update'), hook) File.delete(hook) if File.exists?(hook)
File.symlink(File.join(ROOT_PATH, 'hooks', hook_name), hook)
end
end end
def initialize def initialize
......
require 'spec_helper'
require 'gitlab_access'
describe GitlabAccess do
let(:repository_path) { "/home/git/repositories" }
let(:repo_name) { 'dzaporozhets/gitlab-ci' }
let(:repo_path) { File.join(repository_path, repo_name) + ".git" }
let(:gitlab_access) { GitlabAccess.new(repo_path, 'key-123', '') }
before do
GitlabConfig.any_instance.stub(repos_path: repository_path)
end
describe :initialize do
it { gitlab_access.repo_name.should == repo_name }
it { gitlab_access.repo_path.should == repo_path }
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment