Correct access control flow for Git HTTP requests.

author: Patricio Cano <suprnova32@gmail.com> 2016-06-27 11:14:44 -0500
committer: Patricio Cano <suprnova32@gmail.com> 2016-07-05 16:54:22 -0500
commit: 9397ce9137a8784bff4b63acfce3d4bc1e123cdf (patch)
tree: 27b7f9be7af134597f54fe70f5d1da52cca0a2f2 /app/controllers
parent: da15471bb1c862111300a9202fe06c6a531fb283 (diff)
download: gitlab-ce-9397ce9137a8784bff4b63acfce3d4bc1e123cdf.tar.gz
1 files changed, 8 insertions, 2 deletions
diff --git a/app/controllers/projects/git_http_controller.rb b/app/controllers/projects/git_http_controller.rb
index 3d0055c9be3..40a8b7940d9 100644
--- a/app/controllers/projects/git_http_controller.rb
+++ b/app/controllers/projects/git_http_controller.rb
@@ -174,14 +174,20 @@ class Projects::GitHttpController < Projects::ApplicationController
     end
   end
 
+  def access
+    return @access if defined?(@access)
+
+    @access = Gitlab::GitAccess.new(user, project, 'http')
+  end
+
   def download_access
     return @download_access if defined?(@download_access)
 
-    @download_access = Gitlab::GitAccess.new(user, project, 'http').check('git-upload-pack')
+    @download_access = access.check('git-upload-pack')
   end
 
   def http_blocked?
-    download_access.protocol_allowed?
+    !access.protocol_allowed?
   end
 
   def receive_pack_allowed?
author	Patricio Cano <suprnova32@gmail.com>	2016-06-27 11:14:44 -0500
committer	Patricio Cano <suprnova32@gmail.com>	2016-07-05 16:54:22 -0500
commit	9397ce9137a8784bff4b63acfce3d4bc1e123cdf (patch)
tree	27b7f9be7af134597f54fe70f5d1da52cca0a2f2 /app/controllers
parent	da15471bb1c862111300a9202fe06c6a531fb283 (diff)
download	gitlab-ce-9397ce9137a8784bff4b63acfce3d4bc1e123cdf.tar.gz