Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-shell
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-shell
Commits
a71c8072
Commit
a71c8072
authored
Sep 01, 2014
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update GitlabNet to match new logic
Signed-off-by:
Dmitriy Zaporozhets
<
dmitriy.zaporozhets@gmail.com
>
parent
2198fa63
Changes
9
Hide whitespace changes
Inline
Side-by-side
Showing
9 changed files
with
53 additions
and
54 deletions
+53
-54
lib/gitlab_net.rb
lib/gitlab_net.rb
+4
-8
spec/gitlab_net_spec.rb
spec/gitlab_net_spec.rb
+6
-5
spec/vcr_cassettes/allowed-pull.yml
spec/vcr_cassettes/allowed-pull.yml
+5
-5
spec/vcr_cassettes/allowed-push.yml
spec/vcr_cassettes/allowed-push.yml
+5
-5
spec/vcr_cassettes/check-ok.yml
spec/vcr_cassettes/check-ok.yml
+6
-6
spec/vcr_cassettes/denied-pull.yml
spec/vcr_cassettes/denied-pull.yml
+5
-5
spec/vcr_cassettes/denied-push-with-user.yml
spec/vcr_cassettes/denied-push-with-user.yml
+13
-11
spec/vcr_cassettes/denied-push.yml
spec/vcr_cassettes/denied-push.yml
+5
-5
spec/vcr_cassettes/discover-ok.yml
spec/vcr_cassettes/discover-ok.yml
+4
-4
No files found.
lib/gitlab_net.rb
View file @
a71c8072
...
@@ -6,21 +6,17 @@ require_relative 'gitlab_config'
...
@@ -6,21 +6,17 @@ require_relative 'gitlab_config'
require_relative
'gitlab_logger'
require_relative
'gitlab_logger'
class
GitlabNet
class
GitlabNet
def
allowed?
(
cmd
,
repo
,
actor
,
ref
,
oldrev
=
nil
,
newrev
=
nil
,
forced_push
=
false
)
def
allowed?
(
cmd
,
repo
,
actor
,
changes
)
project_name
=
repo
.
gsub
(
"'"
,
""
)
project_name
=
repo
.
gsub
(
"'"
,
""
)
project_name
=
project_name
.
gsub
(
/\.git\Z/
,
""
)
project_name
=
project_name
.
gsub
(
/\.git\Z/
,
""
)
project_name
=
project_name
.
gsub
(
/\A\//
,
""
)
project_name
=
project_name
.
gsub
(
/\A\//
,
""
)
params
=
{
params
=
{
action:
cmd
,
action:
cmd
,
ref:
ref
,
changes:
changes
,
project:
project_name
,
project:
project_name
,
forced_push:
forced_push
,
}
}
params
.
merge!
(
oldrev:
oldrev
)
if
oldrev
params
.
merge!
(
newrev:
newrev
)
if
newrev
if
actor
=~
/\Akey\-\d+\Z/
if
actor
=~
/\Akey\-\d+\Z/
params
.
merge!
(
key_id:
actor
.
gsub
(
"key-"
,
""
))
params
.
merge!
(
key_id:
actor
.
gsub
(
"key-"
,
""
))
elsif
actor
=~
/\Auser\-\d+\Z/
elsif
actor
=~
/\Auser\-\d+\Z/
...
@@ -86,7 +82,7 @@ class GitlabNet
...
@@ -86,7 +82,7 @@ class GitlabNet
end
end
def
cert_store
def
cert_store
@cert_store
||=
OpenSSL
::
X509
::
Store
.
new
.
tap
{
|
store
|
@cert_store
||=
OpenSSL
::
X509
::
Store
.
new
.
tap
do
|
store
|
store
.
set_default_paths
store
.
set_default_paths
if
ca_file
=
config
.
http_settings
[
'ca_file'
]
if
ca_file
=
config
.
http_settings
[
'ca_file'
]
...
@@ -96,6 +92,6 @@ class GitlabNet
...
@@ -96,6 +92,6 @@ class GitlabNet
if
ca_path
=
config
.
http_settings
[
'ca_path'
]
if
ca_path
=
config
.
http_settings
[
'ca_path'
]
store
.
add_path
(
ca_path
)
store
.
add_path
(
ca_path
)
end
end
}
end
end
end
end
end
spec/gitlab_net_spec.rb
View file @
a71c8072
...
@@ -4,6 +4,7 @@ require_relative '../lib/gitlab_net'
...
@@ -4,6 +4,7 @@ require_relative '../lib/gitlab_net'
describe
GitlabNet
,
vcr:
true
do
describe
GitlabNet
,
vcr:
true
do
let
(
:gitlab_net
)
{
GitlabNet
.
new
}
let
(
:gitlab_net
)
{
GitlabNet
.
new
}
let
(
:changes
)
{
[
'0000000000000000000000000000000000000000 92d0970eefd7acb6d548878925ce2208cfe2d2ec refs/heads/branch4'
]
}
before
do
before
do
gitlab_net
.
stub!
(
:host
).
and_return
(
'https://dev.gitlab.org/api/v3/internal'
)
gitlab_net
.
stub!
(
:host
).
and_return
(
'https://dev.gitlab.org/api/v3/internal'
)
...
@@ -31,14 +32,14 @@ describe GitlabNet, vcr: true do
...
@@ -31,14 +32,14 @@ describe GitlabNet, vcr: true do
context
'ssh key with access to project'
do
context
'ssh key with access to project'
do
it
'should allow pull access for dev.gitlab.org'
do
it
'should allow pull access for dev.gitlab.org'
do
VCR
.
use_cassette
(
"allowed-pull"
)
do
VCR
.
use_cassette
(
"allowed-pull"
)
do
access
=
gitlab_net
.
allowed?
(
'git-receive-pack'
,
'gitlab/gitlabhq.git'
,
'key-126'
,
'master'
)
access
=
gitlab_net
.
allowed?
(
'git-receive-pack'
,
'gitlab/gitlabhq.git'
,
'key-126'
,
changes
)
access
.
should
be_true
access
.
should
be_true
end
end
end
end
it
'should allow push access for dev.gitlab.org'
do
it
'should allow push access for dev.gitlab.org'
do
VCR
.
use_cassette
(
"allowed-push"
)
do
VCR
.
use_cassette
(
"allowed-push"
)
do
access
=
gitlab_net
.
allowed?
(
'git-upload-pack'
,
'gitlab/gitlabhq.git'
,
'key-126'
,
'master'
)
access
=
gitlab_net
.
allowed?
(
'git-upload-pack'
,
'gitlab/gitlabhq.git'
,
'key-126'
,
changes
)
access
.
should
be_true
access
.
should
be_true
end
end
end
end
...
@@ -47,21 +48,21 @@ describe GitlabNet, vcr: true do
...
@@ -47,21 +48,21 @@ describe GitlabNet, vcr: true do
context
'ssh key without access to project'
do
context
'ssh key without access to project'
do
it
'should deny pull access for dev.gitlab.org'
do
it
'should deny pull access for dev.gitlab.org'
do
VCR
.
use_cassette
(
"denied-pull"
)
do
VCR
.
use_cassette
(
"denied-pull"
)
do
access
=
gitlab_net
.
allowed?
(
'git-receive-pack'
,
'gitlab/gitlabhq.git'
,
'key-2'
,
'master'
)
access
=
gitlab_net
.
allowed?
(
'git-receive-pack'
,
'gitlab/gitlabhq.git'
,
'key-2'
,
changes
)
access
.
should
be_false
access
.
should
be_false
end
end
end
end
it
'should deny push access for dev.gitlab.org'
do
it
'should deny push access for dev.gitlab.org'
do
VCR
.
use_cassette
(
"denied-push"
)
do
VCR
.
use_cassette
(
"denied-push"
)
do
access
=
gitlab_net
.
allowed?
(
'git-upload-pack'
,
'gitlab/gitlabhq.git'
,
'key-2'
,
'master'
)
access
=
gitlab_net
.
allowed?
(
'git-upload-pack'
,
'gitlab/gitlabhq.git'
,
'key-2'
,
changes
)
access
.
should
be_false
access
.
should
be_false
end
end
end
end
it
'should deny push access for dev.gitlab.org (with user)'
do
it
'should deny push access for dev.gitlab.org (with user)'
do
VCR
.
use_cassette
(
"denied-push-with-user"
)
do
VCR
.
use_cassette
(
"denied-push-with-user"
)
do
access
=
gitlab_net
.
allowed?
(
'git-upload-pack'
,
'gitlab/gitlabhq.git'
,
'user-1'
,
'master'
)
access
=
gitlab_net
.
allowed?
(
'git-upload-pack'
,
'gitlab/gitlabhq.git'
,
'user-1'
,
changes
)
access
.
should
be_false
access
.
should
be_false
end
end
end
end
...
...
spec/vcr_cassettes/allowed-pull.yml
View file @
a71c8072
...
@@ -2,7 +2,7 @@
...
@@ -2,7 +2,7 @@
http_interactions
:
http_interactions
:
-
request
:
-
request
:
method
:
get
method
:
get
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-receive-pack&
forced_push=false&key_id=126&project=gitlab/gitlabhq&ref=master
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-receive-pack&
changes=0000000000000000000000000000000000000000%2092d0970eefd7acb6d548878925ce2208cfe2d2ec%20refs/heads/branch4&key_id=126&project=gitlab/gitlabhq
body
:
body
:
encoding
:
US-ASCII
encoding
:
US-ASCII
string
:
'
'
string
:
'
'
...
@@ -21,7 +21,7 @@ http_interactions:
...
@@ -21,7 +21,7 @@ http_interactions:
Server
:
Server
:
-
nginx/1.1.19
-
nginx/1.1.19
Date
:
Date
:
-
Mon,
14 Apr 2014 18:25:53
GMT
-
Mon,
01 Sep 2014 16:23:50
GMT
Content-Type
:
Content-Type
:
-
application/json
-
application/json
Content-Length
:
Content-Length
:
...
@@ -35,12 +35,12 @@ http_interactions:
...
@@ -35,12 +35,12 @@ http_interactions:
Cache-Control
:
Cache-Control
:
-
max-age=0, private, must-revalidate
-
max-age=0, private, must-revalidate
X-Request-Id
:
X-Request-Id
:
-
b049c014-05c4-4ec7-a591-1b0661257e33
-
677dee49-79ab-452b-a56c-bb656949dab1
X-Runtime
:
X-Runtime
:
-
'
0.0
55486
'
-
'
0.0
79772
'
body
:
body
:
encoding
:
UTF-8
encoding
:
UTF-8
string
:
'
true'
string
:
'
true'
http_version
:
http_version
:
recorded_at
:
Mon,
14 Apr 2014 18:25:53
GMT
recorded_at
:
Mon,
01 Sep 2014 16:23:50
GMT
recorded_with
:
VCR 2.4.0
recorded_with
:
VCR 2.4.0
spec/vcr_cassettes/allowed-push.yml
View file @
a71c8072
...
@@ -2,7 +2,7 @@
...
@@ -2,7 +2,7 @@
http_interactions
:
http_interactions
:
-
request
:
-
request
:
method
:
get
method
:
get
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-upload-pack&
forced_push=false&key_id=126&project=gitlab/gitlabhq&ref=master
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-upload-pack&
changes=0000000000000000000000000000000000000000%2092d0970eefd7acb6d548878925ce2208cfe2d2ec%20refs/heads/branch4&key_id=126&project=gitlab/gitlabhq
body
:
body
:
encoding
:
US-ASCII
encoding
:
US-ASCII
string
:
'
'
string
:
'
'
...
@@ -21,7 +21,7 @@ http_interactions:
...
@@ -21,7 +21,7 @@ http_interactions:
Server
:
Server
:
-
nginx/1.1.19
-
nginx/1.1.19
Date
:
Date
:
-
Mon,
14 Apr 2014 18:25:54
GMT
-
Mon,
01 Sep 2014 16:23:51
GMT
Content-Type
:
Content-Type
:
-
application/json
-
application/json
Content-Length
:
Content-Length
:
...
@@ -35,12 +35,12 @@ http_interactions:
...
@@ -35,12 +35,12 @@ http_interactions:
Cache-Control
:
Cache-Control
:
-
max-age=0, private, must-revalidate
-
max-age=0, private, must-revalidate
X-Request-Id
:
X-Request-Id
:
-
7f92ebb7-4f92-4236-a35a-5f15c59b81f8
-
598daf73-57a1-4861-b159-fdfa2cbb3cfc
X-Runtime
:
X-Runtime
:
-
'
0.0
60724
'
-
'
0.0
33789
'
body
:
body
:
encoding
:
UTF-8
encoding
:
UTF-8
string
:
'
true'
string
:
'
true'
http_version
:
http_version
:
recorded_at
:
Mon,
14 Apr 2014 18:25:54
GMT
recorded_at
:
Mon,
01 Sep 2014 16:23:51
GMT
recorded_with
:
VCR 2.4.0
recorded_with
:
VCR 2.4.0
spec/vcr_cassettes/check-ok.yml
View file @
a71c8072
...
@@ -21,7 +21,7 @@ http_interactions:
...
@@ -21,7 +21,7 @@ http_interactions:
Server
:
Server
:
-
nginx/1.1.19
-
nginx/1.1.19
Date
:
Date
:
-
Mon,
14 Apr 2014 18:25:52
GMT
-
Mon,
01 Sep 2014 16:23:48
GMT
Content-Type
:
Content-Type
:
-
application/json
-
application/json
Content-Length
:
Content-Length
:
...
@@ -31,16 +31,16 @@ http_interactions:
...
@@ -31,16 +31,16 @@ http_interactions:
Status
:
Status
:
-
200 OK
-
200 OK
Etag
:
Etag
:
-
'
"
263db4ad138ffbada1f94332a1a2e1e8
"'
-
'
"
4deef8ced16c13af425359a8f45f42e1
"'
Cache-Control
:
Cache-Control
:
-
max-age=0, private, must-revalidate
-
max-age=0, private, must-revalidate
X-Request-Id
:
X-Request-Id
:
-
17b6ff1c-e1a5-4443-b053-74cfced03184
-
041c17df-8c96-4633-9063-d309583fe0fa
X-Runtime
:
X-Runtime
:
-
'
0.0
04863
'
-
'
0.0
12408
'
body
:
body
:
encoding
:
UTF-8
encoding
:
UTF-8
string
:
'
{"api_version":"v3","gitlab_version":"
6.8.0.pre","gitlab_rev":"352bb97
"}'
string
:
'
{"api_version":"v3","gitlab_version":"
7.3.0.pre","gitlab_rev":"174c00c
"}'
http_version
:
http_version
:
recorded_at
:
Mon,
14 Apr 2014 18:25:52
GMT
recorded_at
:
Mon,
01 Sep 2014 16:23:48
GMT
recorded_with
:
VCR 2.4.0
recorded_with
:
VCR 2.4.0
spec/vcr_cassettes/denied-pull.yml
View file @
a71c8072
...
@@ -2,7 +2,7 @@
...
@@ -2,7 +2,7 @@
http_interactions
:
http_interactions
:
-
request
:
-
request
:
method
:
get
method
:
get
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-receive-pack&
forced_push=false&key_id=2&project=gitlab/gitlabhq&ref=master
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-receive-pack&
changes=0000000000000000000000000000000000000000%2092d0970eefd7acb6d548878925ce2208cfe2d2ec%20refs/heads/branch4&key_id=2&project=gitlab/gitlabhq
body
:
body
:
encoding
:
US-ASCII
encoding
:
US-ASCII
string
:
'
'
string
:
'
'
...
@@ -21,7 +21,7 @@ http_interactions:
...
@@ -21,7 +21,7 @@ http_interactions:
Server
:
Server
:
-
nginx/1.1.19
-
nginx/1.1.19
Date
:
Date
:
-
Mon,
14 Apr 2014 18:25:54
GMT
-
Mon,
01 Sep 2014 16:23:52
GMT
Content-Type
:
Content-Type
:
-
application/json
-
application/json
Content-Length
:
Content-Length
:
...
@@ -33,12 +33,12 @@ http_interactions:
...
@@ -33,12 +33,12 @@ http_interactions:
Cache-Control
:
Cache-Control
:
-
no-cache
-
no-cache
X-Request-Id
:
X-Request-Id
:
-
7eb4f49d-66a6-4cca-84dd-9dfcd431210a
-
1721b961-9792-4af4-b3d2-fff0f7aa33b7
X-Runtime
:
X-Runtime
:
-
'
0.0
10216
'
-
'
0.0
34322
'
body
:
body
:
encoding
:
UTF-8
encoding
:
UTF-8
string
:
'
{"message":"404
Not
found"}'
string
:
'
{"message":"404
Not
found"}'
http_version
:
http_version
:
recorded_at
:
Mon,
14 Apr 2014 18:25:54
GMT
recorded_at
:
Mon,
01 Sep 2014 16:23:52
GMT
recorded_with
:
VCR 2.4.0
recorded_with
:
VCR 2.4.0
spec/vcr_cassettes/denied-push-with-user.yml
View file @
a71c8072
...
@@ -2,7 +2,7 @@
...
@@ -2,7 +2,7 @@
http_interactions
:
http_interactions
:
-
request
:
-
request
:
method
:
get
method
:
get
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-upload-pack&
forced_push=false&project=gitlab/gitlabhq&ref=master
&user_id=1
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-upload-pack&
changes=0000000000000000000000000000000000000000%2092d0970eefd7acb6d548878925ce2208cfe2d2ec%20refs/heads/branch4&project=gitlab/gitlabhq
&user_id=1
body
:
body
:
encoding
:
US-ASCII
encoding
:
US-ASCII
string
:
'
'
string
:
'
'
...
@@ -15,30 +15,32 @@ http_interactions:
...
@@ -15,30 +15,32 @@ http_interactions:
-
Ruby
-
Ruby
response
:
response
:
status
:
status
:
code
:
404
code
:
200
message
:
Not Found
message
:
OK
headers
:
headers
:
Server
:
Server
:
-
nginx/1.1.19
-
nginx/1.1.19
Date
:
Date
:
-
Mon,
14 Apr 2014 18:25:54
GMT
-
Mon,
01 Sep 2014 16:23:52
GMT
Content-Type
:
Content-Type
:
-
application/json
-
application/json
Content-Length
:
Content-Length
:
-
'
27
'
-
'
4
'
Connection
:
Connection
:
-
keep-alive
-
keep-alive
Status
:
Status
:
-
404 Not Found
-
200 OK
Etag
:
-
'
"b326b5062b2f0e69046810717534cb09"'
Cache-Control
:
Cache-Control
:
-
no-cach
e
-
max-age=0, private, must-revalidat
e
X-Request-Id
:
X-Request-Id
:
-
2a2a3ef9-aaf1-4ffb-8b18-475d52ec5e09
-
1222ecfc-c1af-4246-b63f-f3f2865c4813
X-Runtime
:
X-Runtime
:
-
'
0.0
13223
'
-
'
0.0
31859
'
body
:
body
:
encoding
:
UTF-8
encoding
:
UTF-8
string
:
'
{"message":"404
Not
found"}
'
string
:
'
false
'
http_version
:
http_version
:
recorded_at
:
Mon,
14 Apr 2014 18:25:54
GMT
recorded_at
:
Mon,
01 Sep 2014 16:23:52
GMT
recorded_with
:
VCR 2.4.0
recorded_with
:
VCR 2.4.0
spec/vcr_cassettes/denied-push.yml
View file @
a71c8072
...
@@ -2,7 +2,7 @@
...
@@ -2,7 +2,7 @@
http_interactions
:
http_interactions
:
-
request
:
-
request
:
method
:
get
method
:
get
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-upload-pack&
forced_push=false&key_id=2&project=gitlab/gitlabhq&ref=master
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-upload-pack&
changes=0000000000000000000000000000000000000000%2092d0970eefd7acb6d548878925ce2208cfe2d2ec%20refs/heads/branch4&key_id=2&project=gitlab/gitlabhq
body
:
body
:
encoding
:
US-ASCII
encoding
:
US-ASCII
string
:
'
'
string
:
'
'
...
@@ -21,7 +21,7 @@ http_interactions:
...
@@ -21,7 +21,7 @@ http_interactions:
Server
:
Server
:
-
nginx/1.1.19
-
nginx/1.1.19
Date
:
Date
:
-
Mon,
14 Apr 2014 18:25:54
GMT
-
Mon,
01 Sep 2014 16:23:52
GMT
Content-Type
:
Content-Type
:
-
application/json
-
application/json
Content-Length
:
Content-Length
:
...
@@ -33,12 +33,12 @@ http_interactions:
...
@@ -33,12 +33,12 @@ http_interactions:
Cache-Control
:
Cache-Control
:
-
no-cache
-
no-cache
X-Request-Id
:
X-Request-Id
:
-
2a2a3ef9-aaf1-4ffb-8b18-475d52ec5e09
-
fbaed080-e60e-4893-afe3-4f0c331b1983
X-Runtime
:
X-Runtime
:
-
'
0.013
223
'
-
'
0.013
659
'
body
:
body
:
encoding
:
UTF-8
encoding
:
UTF-8
string
:
'
{"message":"404
Not
found"}'
string
:
'
{"message":"404
Not
found"}'
http_version
:
http_version
:
recorded_at
:
Mon,
14 Apr 2014 18:25:54
GMT
recorded_at
:
Mon,
01 Sep 2014 16:23:52
GMT
recorded_with
:
VCR 2.4.0
recorded_with
:
VCR 2.4.0
spec/vcr_cassettes/discover-ok.yml
View file @
a71c8072
...
@@ -21,7 +21,7 @@ http_interactions:
...
@@ -21,7 +21,7 @@ http_interactions:
Server
:
Server
:
-
nginx/1.1.19
-
nginx/1.1.19
Date
:
Date
:
-
Mon,
14 Apr 2014 18:25:53
GMT
-
Mon,
01 Sep 2014 16:23:49
GMT
Content-Type
:
Content-Type
:
-
application/json
-
application/json
Content-Length
:
Content-Length
:
...
@@ -35,12 +35,12 @@ http_interactions:
...
@@ -35,12 +35,12 @@ http_interactions:
Cache-Control
:
Cache-Control
:
-
max-age=0, private, must-revalidate
-
max-age=0, private, must-revalidate
X-Request-Id
:
X-Request-Id
:
-
c3d44ccc-7599-4cc1-879e-281894f9cb39
-
f0ec702f-ff68-4597-a386-b7ff4bae5650
X-Runtime
:
X-Runtime
:
-
'
0.
010799
'
-
'
0.
935522
'
body
:
body
:
encoding
:
UTF-8
encoding
:
UTF-8
string
:
'
{"name":"Dmitriy
Zaporozhets","username":"dzaporozhets"}'
string
:
'
{"name":"Dmitriy
Zaporozhets","username":"dzaporozhets"}'
http_version
:
http_version
:
recorded_at
:
Mon,
14 Apr 2014 18:25:53
GMT
recorded_at
:
Mon,
01 Sep 2014 16:23:49
GMT
recorded_with
:
VCR 2.4.0
recorded_with
:
VCR 2.4.0
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment