git_http_controller.rb 3.41 KB
Newer Older
1
class Projects::GitHttpController < Projects::ApplicationController
2 3
  attr_reader :user

4 5
  # Git clients will not know what authenticity token to send along
  skip_before_action :verify_authenticity_token
6 7
  skip_before_action :repository
  before_action :authenticate_user
8
  before_action :ensure_project_found!
9 10 11 12

  # GET /foo/bar.git/info/refs?service=git-upload-pack (git pull)
  # GET /foo/bar.git/info/refs?service=git-receive-pack (git push)
  def info_refs
13
    if upload_pack? && upload_pack_allowed?
Jacob Vosmaer's avatar
Jacob Vosmaer committed
14 15 16 17 18
      render_ok
    elsif receive_pack? && receive_pack_allowed?
      render_ok
    else
      render_not_found
19 20
    end
  end
Jacob Vosmaer's avatar
Jacob Vosmaer committed
21

22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37
  # POST /foo/bar.git/git-upload-pack (git pull)
  def git_upload_pack
    if upload_pack? && upload_pack_allowed?
      render_ok
    else
      render_not_found
    end
  end

  # POST /foo/bar.git/git-receive-pack" (git push)
  def git_receive_pack
    if receive_pack? && receive_pack_allowed?
      render_ok
    else
      render_not_found
    end
38 39 40 41 42 43 44 45
  end

  private

  def authenticate_user
    return if project && project.public? && upload_pack?

    authenticate_or_request_with_http_basic do |login, password|
46
      auth_result = Gitlab::Auth.find(login, password, project: project, ip: request.ip)
47

48
      if auth_result.type == :ci && upload_pack?
49
        @ci = true
50 51
      elsif auth_result.type == :oauth && !upload_pack?
        # Not allowed
52
      else
53
        @user = auth_result.user
54
      end
55 56

      ci? || user
57 58 59
    end
  end

60
  def ensure_project_found!
Jacob Vosmaer's avatar
Jacob Vosmaer committed
61
    render_not_found if project.blank?
62 63 64 65
  end

  def project
    return @project if defined?(@project)
66 67 68 69 70 71 72

    project_id, _ = project_id_with_suffix
    if project_id.blank?
      @project = nil
    else
      @project = Project.find_with_namespace("#{params[:namespace_id]}/#{project_id}")
    end
73 74
  end

75 76 77 78
  # This method returns two values so that we can parse
  # params[:project_id] (untrusted input!) in exactly one place.
  def project_id_with_suffix
    id = params[:project_id] || ''
Jacob Vosmaer's avatar
Jacob Vosmaer committed
79

80
    %w[.wiki.git .git].each do |suffix|
81 82 83 84 85 86
      if id.end_with?(suffix)
        # Be careful to only remove the suffix from the end of 'id'.
        # Accidentally removing it from the middle is how security
        # vulnerabilities happen!
        return [id.slice(0, id.length - suffix.length), suffix]
      end
87
    end
Jacob Vosmaer's avatar
Jacob Vosmaer committed
88

89 90
    # Something is wrong with params[:project_id]; do not pass it on.
    [nil, nil]
91 92 93
  end

  def upload_pack?
94
    git_command == 'git-upload-pack'
Jacob Vosmaer's avatar
Jacob Vosmaer committed
95 96 97
  end

  def receive_pack?
98
    git_command == 'git-receive-pack'
Jacob Vosmaer's avatar
Jacob Vosmaer committed
99 100
  end

101
  def git_command
102
    if action_name == 'info_refs'
Jacob Vosmaer's avatar
Jacob Vosmaer committed
103
      params[:service]
104
    else
105
      action_name.dasherize
106 107
    end
  end
Jacob Vosmaer's avatar
Jacob Vosmaer committed
108

109
  def render_ok
110
    render json: Gitlab::Workhorse.git_http_ok(repository, user)
111
  end
Jacob Vosmaer's avatar
Jacob Vosmaer committed
112

113 114 115 116 117 118 119 120 121
  def repository
    _, suffix = project_id_with_suffix
    if suffix == '.wiki.git'
      project.wiki.repository
    else
      project.repository
    end
  end

122 123 124 125 126
  def render_not_found
    render text: 'Not Found', status: :not_found
  end

  def ci?
Jacob Vosmaer's avatar
Jacob Vosmaer committed
127
    @ci.present?
128
  end
Jacob Vosmaer's avatar
Jacob Vosmaer committed
129

130
  def upload_pack_allowed?
131 132 133
    return false unless Gitlab.config.gitlab_shell.upload_pack

    if user
134 135
      Gitlab::GitAccess.new(user, project).download_access_check.allowed?
    else
136
      ci? || project.public?
137 138
    end
  end
Jacob Vosmaer's avatar
Jacob Vosmaer committed
139 140

  def receive_pack_allowed?
141 142 143 144 145
    return false unless Gitlab.config.gitlab_shell.receive_pack

    # Skip user authorization on upload request.
    # It will be done by the pre-receive hook in the repository.
    user.present?
Jacob Vosmaer's avatar
Jacob Vosmaer committed
146
  end
147
end