author | Douwe Maan <douwe@gitlab.com> | 2016-08-15 19:52:34 +0000 |
---|---|---|
committer | Robert Speicher <rspeicher@gmail.com> | 2016-08-16 12:49:40 -0500 |
commit | 3d5d9dbe881cea1c98d77371d031537ef0009073 (patch) | |
tree | 8e6e42633633ddec5466fe8f4f1443c1ac078745 | |
parent | bd95be674d5dd9afcf95e0a4c277699f805d7f39 (diff) | |
download | gitlab-ce-3d5d9dbe881cea1c98d77371d031537ef0009073.tar.gz |
Merge branch 'fix/import-permissions' into 'master'
Set permissions to admin for importing a project via Import/Export
Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/20802
In order to import a project, it is now required to be an admin
Moved from https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/5766
See merge request !1983
(cherry picked from commit 966b303802e12204f5d32af24b13bd0ceb5342a1)
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | app/controllers/import/gitlab_projects_controller.rb | 5 | ||||
-rw-r--r-- | app/views/projects/new.html.haml | 2 | ||||
-rw-r--r-- | doc/user/project/settings/import_export.md | 3 | ||||
-rw-r--r-- | features/dashboard/new_project.feature | 2 | ||||
-rw-r--r-- | features/steps/dashboard/new_project.rb | 3 | ||||
-rw-r--r-- | spec/features/projects/import_export/import_file_spec.rb | 59 |
7 files changed, 50 insertions, 25 deletions
diff --git a/CHANGELOG b/CHANGELOG index 3fa4321beee..be0cb5378de 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -2,6 +2,7 @@ Please view this file on the master branch, on stable branches it's out of date. v 8.9.7 - Upgrade Rails to 4.2.7.1 for security fixes. !5781 + - Require administrator privileges to perform a project import. v 8.9.6 - Fix importing of events under notes for GitLab projects. !5154 diff --git a/app/controllers/import/gitlab_projects_controller.rb b/app/controllers/import/gitlab_projects_controller.rb index 513348c39af..7df641f0399 100644 --- a/app/controllers/import/gitlab_projects_controller.rb +++ b/app/controllers/import/gitlab_projects_controller.rb @@ -1,5 +1,6 @@ class Import::GitlabProjectsController < Import::BaseController before_action :verify_gitlab_project_import_enabled + before_action :authenticate_admin! def new @namespace_id = project_params[:namespace_id] @@ -49,4 +50,8 @@ class Import::GitlabProjectsController < Import::BaseController :path, :namespace_id, :file ) end + + def authenticate_admin! + render_404 unless current_user.is_admin? + end end diff --git a/app/views/projects/new.html.haml b/app/views/projects/new.html.haml index 3c1c6060504..00a54df0e59 100644 --- a/app/views/projects/new.html.haml +++ b/app/views/projects/new.html.haml @@ -86,7 +86,7 @@ %i.fa.fa-git %span Repo by URL - - if gitlab_project_import_enabled? + - if gitlab_project_import_enabled? && current_user.is_admin? = link_to new_import_gitlab_project_path, class: 'btn import_gitlab_project project-submit' do %i.fa.fa-gitlab %span GitLab export diff --git a/doc/user/project/settings/import_export.md b/doc/user/project/settings/import_export.md index 38e9786123d..99d18b84f13 100644 --- a/doc/user/project/settings/import_export.md +++ b/doc/user/project/settings/import_export.md 
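Review bot: In `app/controllers/import/gitlab_projects_controller.rb`, the new `authenticate_admin!` filter calls `current_user.is_admin?` with no nil guard, so it depends on an authentication filter having already run in a parent controller. That filter is not visible in this diff and should be confirmed, or the line written as `render_404 unless current_user && current_user.is_admin?`. The same admin condition is repeated in `app/views/projects/new.html.haml`, so a short comment such as `# Import is restricted to admins; keep in sync with the link condition in projects/new.html.haml` would help the two stay aligned. The class body continues outside both hunks, so whether the method sits under `private` cannot be told from here.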
@@ -6,8 +6,7 @@ than that of the exporter. - For existing installations, the project import option has to be enabled in application settings (`/admin/application_settings`) under 'Import sources'. - Ask your administrator if you don't see the **GitLab export** button when - creating a new project. + You will have to be an administrator to enable and use the import functionality. - You can find some useful raketasks if you are an administrator in the [import_export](../../../administration/raketasks/project_import_export.md) raketask. diff --git a/features/dashboard/new_project.feature b/features/dashboard/new_project.feature index 56b4a639c01..fc852ee6b1c 100644 --- a/features/dashboard/new_project.feature +++ b/features/dashboard/new_project.feature @@ -9,7 +9,7 @@ Background: @javascript Scenario: I should see New Projects page Then I see "New Project" page - Then I see all possible import optios + Then I see all possible import options @javascript Scenario: I should see instructions on how to import from Git URL diff --git a/features/steps/dashboard/new_project.rb b/features/steps/dashboard/new_project.rb index 29e6b9f1a01..4f57db719f8 100644 --- a/features/steps/dashboard/new_project.rb +++ b/features/steps/dashboard/new_project.rb @@ -14,14 +14,13 @@ class Spinach::Features::NewProject < Spinach::FeatureSteps expect(page).to have_content('Project name') end - step 'I see all possible import optios' do + step 'I see all possible import options' do expect(page).to have_link('GitHub') expect(page).to have_link('Bitbucket') expect(page).to have_link('GitLab.com') expect(page).to have_link('Gitorious.org') expect(page).to have_link('Google Code') expect(page).to have_link('Repo by URL') - expect(page).to have_link('GitLab export') end step 'I click on "Import project from GitHub"' do diff --git a/spec/features/projects/import_export/import_file_spec.rb b/spec/features/projects/import_export/import_file_spec.rb index c5fb0fc783b..dd269b17960 100644 
--- a/spec/features/projects/import_export/import_file_spec.rb +++ b/spec/features/projects/import_export/import_file_spec.rb 
@@ -3,43 +3,64 @@ require 'spec_helper' feature 'project import', feature: true, js: true do include Select2Helper - let(:user) { create(:admin) } - let!(:namespace) { create(:namespace, name: "asd", owner: user) } + let(:admin) { create(:admin) } + let(:normal_user) { create(:user) } + let!(:namespace) { create(:namespace, name: "asd", owner: admin) } let(:file) { File.join(Rails.root, 'spec', 'features', 'projects', 'import_export', 'test_project_export.tar.gz') } let(:export_path) { "#{Dir::tmpdir}/import_file_spec" } let(:project) { Project.last } background do allow_any_instance_of(Gitlab::ImportExport).to receive(:storage_path).and_return(export_path) - login_as(user) end after(:each) do FileUtils.rm_rf(export_path, secure: true) end - scenario 'user imports an exported project successfully' do - expect(Project.all.count).to be_zero + context 'admin user' do + before do + login_as(admin) + end - visit new_project_path + scenario 'user imports an exported project successfully' do + expect(Project.all.count).to be_zero - select2('2', from: '#project_namespace_id') - fill_in :project_path, with:'test-project-path', visible: true - click_link 'GitLab export' + visit new_project_path - expect(page).to have_content('GitLab project export') - expect(URI.parse(current_url).query).to eq('namespace_id=2&path=test-project-path') + select2('2', from: '#project_namespace_id') + fill_in :project_path, with: 'test-project-path', visible: true + click_link 'GitLab export' - attach_file('file', file) + expect(page).to have_content('GitLab project export') + expect(URI.parse(current_url).query).to eq('namespace_id=2&path=test-project-path') - click_on 'Import project' # import starts + attach_file('file', file) - expect(project).not_to be_nil - expect(project.issues).not_to be_empty - expect(project.merge_requests).not_to be_empty - expect(project.repo_exists?).to be true - expect(wiki_exists?).to be true - expect(project.import_status).to eq('finished') + click_on 'Import 
project' # import starts + + expect(project).not_to be_nil + expect(project.issues).not_to be_empty + expect(project.merge_requests).not_to be_empty + expect(wiki_exists?).to be true + expect(project.import_status).to eq('finished') + end + end + + context 'normal user' do + before do + login_as(normal_user) + end + + scenario 'non-admin user is not allowed to import a project' do + expect(Project.all.count).to be_zero + + visit new_project_path + + fill_in :project_path, with: 'test-project-path', visible: true + + expect(page).not_to have_content('GitLab export') + end end def wiki_exists? |
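Review bot: The 'normal user' scenario in `spec/features/projects/import_export/import_file_spec.rb` only asserts that the text 'GitLab export' is absent from the new-project page, which covers the view condition but not the controller's `before_action`. A non-admin who requests the import route directly is left untested, so add a scenario that logs in as `normal_user`, runs `visit new_import_gitlab_project_path`, and expects the not-found response. Separately, the admin scenario no longer contains `expect(project.repo_exists?).to be true`, which the old version had; if that was dropped on purpose the commit message should say why, otherwise it should be restored. The enclosing `feature` block continues past the end of the hunk.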