Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-shell
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-shell
Commits
a71c8072
Commit
a71c8072
authored
Sep 01, 2014
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update GitlabNet to match new logic
Signed-off-by:
Dmitriy Zaporozhets
<
dmitriy.zaporozhets@gmail.com
>
parent
2198fa63
Changes
9
Show whitespace changes
Inline
Side-by-side
Showing
9 changed files
with
53 additions
and
54 deletions
+53
-54
lib/gitlab_net.rb
lib/gitlab_net.rb
+4
-8
spec/gitlab_net_spec.rb
spec/gitlab_net_spec.rb
+6
-5
spec/vcr_cassettes/allowed-pull.yml
spec/vcr_cassettes/allowed-pull.yml
+5
-5
spec/vcr_cassettes/allowed-push.yml
spec/vcr_cassettes/allowed-push.yml
+5
-5
spec/vcr_cassettes/check-ok.yml
spec/vcr_cassettes/check-ok.yml
+6
-6
spec/vcr_cassettes/denied-pull.yml
spec/vcr_cassettes/denied-pull.yml
+5
-5
spec/vcr_cassettes/denied-push-with-user.yml
spec/vcr_cassettes/denied-push-with-user.yml
+13
-11
spec/vcr_cassettes/denied-push.yml
spec/vcr_cassettes/denied-push.yml
+5
-5
spec/vcr_cassettes/discover-ok.yml
spec/vcr_cassettes/discover-ok.yml
+4
-4
No files found.
lib/gitlab_net.rb
View file @
a71c8072
...
...
@@ -6,21 +6,17 @@ require_relative 'gitlab_config'
require_relative
'gitlab_logger'
class
GitlabNet
def
allowed?
(
cmd
,
repo
,
actor
,
ref
,
oldrev
=
nil
,
newrev
=
nil
,
forced_push
=
false
)
def
allowed?
(
cmd
,
repo
,
actor
,
changes
)
project_name
=
repo
.
gsub
(
"'"
,
""
)
project_name
=
project_name
.
gsub
(
/\.git\Z/
,
""
)
project_name
=
project_name
.
gsub
(
/\A\//
,
""
)
params
=
{
action:
cmd
,
ref:
ref
,
changes:
changes
,
project:
project_name
,
forced_push:
forced_push
,
}
params
.
merge!
(
oldrev:
oldrev
)
if
oldrev
params
.
merge!
(
newrev:
newrev
)
if
newrev
if
actor
=~
/\Akey\-\d+\Z/
params
.
merge!
(
key_id:
actor
.
gsub
(
"key-"
,
""
))
elsif
actor
=~
/\Auser\-\d+\Z/
...
...
@@ -86,7 +82,7 @@ class GitlabNet
end
def
cert_store
@cert_store
||=
OpenSSL
::
X509
::
Store
.
new
.
tap
{
|
store
|
@cert_store
||=
OpenSSL
::
X509
::
Store
.
new
.
tap
do
|
store
|
store
.
set_default_paths
if
ca_file
=
config
.
http_settings
[
'ca_file'
]
...
...
@@ -96,6 +92,6 @@ class GitlabNet
if
ca_path
=
config
.
http_settings
[
'ca_path'
]
store
.
add_path
(
ca_path
)
end
}
end
end
end
spec/gitlab_net_spec.rb
View file @
a71c8072
...
...
@@ -4,6 +4,7 @@ require_relative '../lib/gitlab_net'
describe
GitlabNet
,
vcr:
true
do
let
(
:gitlab_net
)
{
GitlabNet
.
new
}
let
(
:changes
)
{
[
'0000000000000000000000000000000000000000 92d0970eefd7acb6d548878925ce2208cfe2d2ec refs/heads/branch4'
]
}
before
do
gitlab_net
.
stub!
(
:host
).
and_return
(
'https://dev.gitlab.org/api/v3/internal'
)
...
...
@@ -31,14 +32,14 @@ describe GitlabNet, vcr: true do
context
'ssh key with access to project'
do
it
'should allow pull access for dev.gitlab.org'
do
VCR
.
use_cassette
(
"allowed-pull"
)
do
access
=
gitlab_net
.
allowed?
(
'git-receive-pack'
,
'gitlab/gitlabhq.git'
,
'key-126'
,
'master'
)
access
=
gitlab_net
.
allowed?
(
'git-receive-pack'
,
'gitlab/gitlabhq.git'
,
'key-126'
,
changes
)
access
.
should
be_true
end
end
it
'should allow push access for dev.gitlab.org'
do
VCR
.
use_cassette
(
"allowed-push"
)
do
access
=
gitlab_net
.
allowed?
(
'git-upload-pack'
,
'gitlab/gitlabhq.git'
,
'key-126'
,
'master'
)
access
=
gitlab_net
.
allowed?
(
'git-upload-pack'
,
'gitlab/gitlabhq.git'
,
'key-126'
,
changes
)
access
.
should
be_true
end
end
...
...
@@ -47,21 +48,21 @@ describe GitlabNet, vcr: true do
context
'ssh key without access to project'
do
it
'should deny pull access for dev.gitlab.org'
do
VCR
.
use_cassette
(
"denied-pull"
)
do
access
=
gitlab_net
.
allowed?
(
'git-receive-pack'
,
'gitlab/gitlabhq.git'
,
'key-2'
,
'master'
)
access
=
gitlab_net
.
allowed?
(
'git-receive-pack'
,
'gitlab/gitlabhq.git'
,
'key-2'
,
changes
)
access
.
should
be_false
end
end
it
'should deny push access for dev.gitlab.org'
do
VCR
.
use_cassette
(
"denied-push"
)
do
access
=
gitlab_net
.
allowed?
(
'git-upload-pack'
,
'gitlab/gitlabhq.git'
,
'key-2'
,
'master'
)
access
=
gitlab_net
.
allowed?
(
'git-upload-pack'
,
'gitlab/gitlabhq.git'
,
'key-2'
,
changes
)
access
.
should
be_false
end
end
it
'should deny push access for dev.gitlab.org (with user)'
do
VCR
.
use_cassette
(
"denied-push-with-user"
)
do
access
=
gitlab_net
.
allowed?
(
'git-upload-pack'
,
'gitlab/gitlabhq.git'
,
'user-1'
,
'master'
)
access
=
gitlab_net
.
allowed?
(
'git-upload-pack'
,
'gitlab/gitlabhq.git'
,
'user-1'
,
changes
)
access
.
should
be_false
end
end
...
...
spec/vcr_cassettes/allowed-pull.yml
View file @
a71c8072
...
...
@@ -2,7 +2,7 @@
http_interactions
:
-
request
:
method
:
get
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-receive-pack&
forced_push=false&key_id=126&project=gitlab/gitlabhq&ref=master
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-receive-pack&
changes=0000000000000000000000000000000000000000%2092d0970eefd7acb6d548878925ce2208cfe2d2ec%20refs/heads/branch4&key_id=126&project=gitlab/gitlabhq
body
:
encoding
:
US-ASCII
string
:
'
'
...
...
@@ -21,7 +21,7 @@ http_interactions:
Server
:
-
nginx/1.1.19
Date
:
-
Mon,
14 Apr 2014 18:25:53
GMT
-
Mon,
01 Sep 2014 16:23:50
GMT
Content-Type
:
-
application/json
Content-Length
:
...
...
@@ -35,12 +35,12 @@ http_interactions:
Cache-Control
:
-
max-age=0, private, must-revalidate
X-Request-Id
:
-
b049c014-05c4-4ec7-a591-1b0661257e33
-
677dee49-79ab-452b-a56c-bb656949dab1
X-Runtime
:
-
'
0.0
55486
'
-
'
0.0
79772
'
body
:
encoding
:
UTF-8
string
:
'
true'
http_version
:
recorded_at
:
Mon,
14 Apr 2014 18:25:53
GMT
recorded_at
:
Mon,
01 Sep 2014 16:23:50
GMT
recorded_with
:
VCR 2.4.0
spec/vcr_cassettes/allowed-push.yml
View file @
a71c8072
...
...
@@ -2,7 +2,7 @@
http_interactions
:
-
request
:
method
:
get
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-upload-pack&
forced_push=false&key_id=126&project=gitlab/gitlabhq&ref=master
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-upload-pack&
changes=0000000000000000000000000000000000000000%2092d0970eefd7acb6d548878925ce2208cfe2d2ec%20refs/heads/branch4&key_id=126&project=gitlab/gitlabhq
body
:
encoding
:
US-ASCII
string
:
'
'
...
...
@@ -21,7 +21,7 @@ http_interactions:
Server
:
-
nginx/1.1.19
Date
:
-
Mon,
14 Apr 2014 18:25:54
GMT
-
Mon,
01 Sep 2014 16:23:51
GMT
Content-Type
:
-
application/json
Content-Length
:
...
...
@@ -35,12 +35,12 @@ http_interactions:
Cache-Control
:
-
max-age=0, private, must-revalidate
X-Request-Id
:
-
7f92ebb7-4f92-4236-a35a-5f15c59b81f8
-
598daf73-57a1-4861-b159-fdfa2cbb3cfc
X-Runtime
:
-
'
0.0
60724
'
-
'
0.0
33789
'
body
:
encoding
:
UTF-8
string
:
'
true'
http_version
:
recorded_at
:
Mon,
14 Apr 2014 18:25:54
GMT
recorded_at
:
Mon,
01 Sep 2014 16:23:51
GMT
recorded_with
:
VCR 2.4.0
spec/vcr_cassettes/check-ok.yml
View file @
a71c8072
...
...
@@ -21,7 +21,7 @@ http_interactions:
Server
:
-
nginx/1.1.19
Date
:
-
Mon,
14 Apr 2014 18:25:52
GMT
-
Mon,
01 Sep 2014 16:23:48
GMT
Content-Type
:
-
application/json
Content-Length
:
...
...
@@ -31,16 +31,16 @@ http_interactions:
Status
:
-
200 OK
Etag
:
-
'
"
263db4ad138ffbada1f94332a1a2e1e8
"'
-
'
"
4deef8ced16c13af425359a8f45f42e1
"'
Cache-Control
:
-
max-age=0, private, must-revalidate
X-Request-Id
:
-
17b6ff1c-e1a5-4443-b053-74cfced03184
-
041c17df-8c96-4633-9063-d309583fe0fa
X-Runtime
:
-
'
0.0
04863
'
-
'
0.0
12408
'
body
:
encoding
:
UTF-8
string
:
'
{"api_version":"v3","gitlab_version":"
6.8.0.pre","gitlab_rev":"352bb97
"}'
string
:
'
{"api_version":"v3","gitlab_version":"
7.3.0.pre","gitlab_rev":"174c00c
"}'
http_version
:
recorded_at
:
Mon,
14 Apr 2014 18:25:52
GMT
recorded_at
:
Mon,
01 Sep 2014 16:23:48
GMT
recorded_with
:
VCR 2.4.0
spec/vcr_cassettes/denied-pull.yml
View file @
a71c8072
...
...
@@ -2,7 +2,7 @@
http_interactions
:
-
request
:
method
:
get
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-receive-pack&
forced_push=false&key_id=2&project=gitlab/gitlabhq&ref=master
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-receive-pack&
changes=0000000000000000000000000000000000000000%2092d0970eefd7acb6d548878925ce2208cfe2d2ec%20refs/heads/branch4&key_id=2&project=gitlab/gitlabhq
body
:
encoding
:
US-ASCII
string
:
'
'
...
...
@@ -21,7 +21,7 @@ http_interactions:
Server
:
-
nginx/1.1.19
Date
:
-
Mon,
14 Apr 2014 18:25:54
GMT
-
Mon,
01 Sep 2014 16:23:52
GMT
Content-Type
:
-
application/json
Content-Length
:
...
...
@@ -33,12 +33,12 @@ http_interactions:
Cache-Control
:
-
no-cache
X-Request-Id
:
-
7eb4f49d-66a6-4cca-84dd-9dfcd431210a
-
1721b961-9792-4af4-b3d2-fff0f7aa33b7
X-Runtime
:
-
'
0.0
10216
'
-
'
0.0
34322
'
body
:
encoding
:
UTF-8
string
:
'
{"message":"404
Not
found"}'
http_version
:
recorded_at
:
Mon,
14 Apr 2014 18:25:54
GMT
recorded_at
:
Mon,
01 Sep 2014 16:23:52
GMT
recorded_with
:
VCR 2.4.0
spec/vcr_cassettes/denied-push-with-user.yml
View file @
a71c8072
...
...
@@ -2,7 +2,7 @@
http_interactions
:
-
request
:
method
:
get
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-upload-pack&
forced_push=false&project=gitlab/gitlabhq&ref=master
&user_id=1
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-upload-pack&
changes=0000000000000000000000000000000000000000%2092d0970eefd7acb6d548878925ce2208cfe2d2ec%20refs/heads/branch4&project=gitlab/gitlabhq
&user_id=1
body
:
encoding
:
US-ASCII
string
:
'
'
...
...
@@ -15,30 +15,32 @@ http_interactions:
-
Ruby
response
:
status
:
code
:
404
message
:
Not Found
code
:
200
message
:
OK
headers
:
Server
:
-
nginx/1.1.19
Date
:
-
Mon,
14 Apr 2014 18:25:54
GMT
-
Mon,
01 Sep 2014 16:23:52
GMT
Content-Type
:
-
application/json
Content-Length
:
-
'
27
'
-
'
4
'
Connection
:
-
keep-alive
Status
:
-
404 Not Found
-
200 OK
Etag
:
-
'
"b326b5062b2f0e69046810717534cb09"'
Cache-Control
:
-
no-cach
e
-
max-age=0, private, must-revalidat
e
X-Request-Id
:
-
2a2a3ef9-aaf1-4ffb-8b18-475d52ec5e09
-
1222ecfc-c1af-4246-b63f-f3f2865c4813
X-Runtime
:
-
'
0.0
13223
'
-
'
0.0
31859
'
body
:
encoding
:
UTF-8
string
:
'
{"message":"404
Not
found"}
'
string
:
'
false
'
http_version
:
recorded_at
:
Mon,
14 Apr 2014 18:25:54
GMT
recorded_at
:
Mon,
01 Sep 2014 16:23:52
GMT
recorded_with
:
VCR 2.4.0
spec/vcr_cassettes/denied-push.yml
View file @
a71c8072
...
...
@@ -2,7 +2,7 @@
http_interactions
:
-
request
:
method
:
get
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-upload-pack&
forced_push=false&key_id=2&project=gitlab/gitlabhq&ref=master
uri
:
https://dev.gitlab.org/api/v3/internal/allowed?action=git-upload-pack&
changes=0000000000000000000000000000000000000000%2092d0970eefd7acb6d548878925ce2208cfe2d2ec%20refs/heads/branch4&key_id=2&project=gitlab/gitlabhq
body
:
encoding
:
US-ASCII
string
:
'
'
...
...
@@ -21,7 +21,7 @@ http_interactions:
Server
:
-
nginx/1.1.19
Date
:
-
Mon,
14 Apr 2014 18:25:54
GMT
-
Mon,
01 Sep 2014 16:23:52
GMT
Content-Type
:
-
application/json
Content-Length
:
...
...
@@ -33,12 +33,12 @@ http_interactions:
Cache-Control
:
-
no-cache
X-Request-Id
:
-
2a2a3ef9-aaf1-4ffb-8b18-475d52ec5e09
-
fbaed080-e60e-4893-afe3-4f0c331b1983
X-Runtime
:
-
'
0.013
223
'
-
'
0.013
659
'
body
:
encoding
:
UTF-8
string
:
'
{"message":"404
Not
found"}'
http_version
:
recorded_at
:
Mon,
14 Apr 2014 18:25:54
GMT
recorded_at
:
Mon,
01 Sep 2014 16:23:52
GMT
recorded_with
:
VCR 2.4.0
spec/vcr_cassettes/discover-ok.yml
View file @
a71c8072
...
...
@@ -21,7 +21,7 @@ http_interactions:
Server
:
-
nginx/1.1.19
Date
:
-
Mon,
14 Apr 2014 18:25:53
GMT
-
Mon,
01 Sep 2014 16:23:49
GMT
Content-Type
:
-
application/json
Content-Length
:
...
...
@@ -35,12 +35,12 @@ http_interactions:
Cache-Control
:
-
max-age=0, private, must-revalidate
X-Request-Id
:
-
c3d44ccc-7599-4cc1-879e-281894f9cb39
-
f0ec702f-ff68-4597-a386-b7ff4bae5650
X-Runtime
:
-
'
0.
010799
'
-
'
0.
935522
'
body
:
encoding
:
UTF-8
string
:
'
{"name":"Dmitriy
Zaporozhets","username":"dzaporozhets"}'
http_version
:
recorded_at
:
Mon,
14 Apr 2014 18:25:53
GMT
recorded_at
:
Mon,
01 Sep 2014 16:23:49
GMT
recorded_with
:
VCR 2.4.0
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment