diff options
author | Douwe Maan <douwe@gitlab.com> | 2015-03-27 14:43:48 +0100 |
---|---|---|
committer | Douwe Maan <douwe@gitlab.com> | 2015-04-03 12:23:20 +0200 |
commit | edc4a56d26792b5b5bac21f45948412675ad7ebb (patch) | |
tree | 5691320e58507e134a2f026f8f4e8054821edf50 /app | |
parent | 9157985cfce1391973673ea278dc7506a90f8f53 (diff) | |
download | gitlab-ce-edc4a56d26792b5b5bac21f45948412675ad7ebb.tar.gz |
Allow admin to create public deploy keys that are accessible to any project.
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/admin/deploy_keys_controller.rb | 45 | ||||
-rw-r--r-- | app/controllers/projects/deploy_keys_controller.rb | 18 | ||||
-rw-r--r-- | app/models/deploy_key.rb | 7 | ||||
-rw-r--r-- | app/models/deploy_keys_project.rb | 6 | ||||
-rw-r--r-- | app/models/user.rb | 10 | ||||
-rw-r--r-- | app/views/admin/deploy_keys/index.html.haml | 27 | ||||
-rw-r--r-- | app/views/admin/deploy_keys/new.html.haml | 26 | ||||
-rw-r--r-- | app/views/admin/deploy_keys/show.html.haml | 34 | ||||
-rw-r--r-- | app/views/layouts/nav/_admin.html.haml | 5 | ||||
-rw-r--r-- | app/views/projects/deploy_keys/_deploy_key.html.haml | 29 | ||||
-rw-r--r-- | app/views/projects/deploy_keys/index.html.haml | 24 |
11 files changed, 202 insertions, 29 deletions
diff --git a/app/controllers/admin/deploy_keys_controller.rb b/app/controllers/admin/deploy_keys_controller.rb new file mode 100644 index 00000000000..0664b26ddda --- /dev/null +++ b/app/controllers/admin/deploy_keys_controller.rb @@ -0,0 +1,45 @@ +class Admin::DeployKeysController < Admin::ApplicationController + before_filter :deploy_key, only: [:show, :destroy] + + def index + @deploy_keys = DeployKey.are_public + end + + def show + + end + + def new + @deploy_key = DeployKey.new(public: true) + end + + def create + @deploy_key = DeployKey.new(deploy_key_params) + @deploy_key.public = true + + if @deploy_key.save + redirect_to admin_deploy_keys_path + else + render "new" + end + end + + def destroy + deploy_key.destroy + + respond_to do |format| + format.html { redirect_to admin_deploy_keys_path } + format.json { head :ok } + end + end + + protected + + def deploy_key + @deploy_key ||= DeployKey.find(params[:id]) + end + + def deploy_key_params + params.require(:deploy_key).permit(:key, :title) + end +end diff --git a/app/controllers/projects/deploy_keys_controller.rb b/app/controllers/projects/deploy_keys_controller.rb index 679a5d76ec0..176d112a4d7 100644 --- a/app/controllers/projects/deploy_keys_controller.rb +++ b/app/controllers/projects/deploy_keys_controller.rb @@ -9,6 +9,8 @@ class Projects::DeployKeysController < Projects::ApplicationController def index @enabled_keys = @project.deploy_keys @available_keys = available_keys - @enabled_keys + @available_project_keys = current_user.project_deploy_keys - @enabled_keys + @available_public_keys = DeployKey.are_public - @available_project_keys - @enabled_keys end def show @@ -32,18 +34,9 @@ class Projects::DeployKeysController < Projects::ApplicationController end end - def destroy - @key = @project.deploy_keys.find(params[:id]) - @key.destroy - - respond_to do |format| - format.html { redirect_to namespace_project_deploy_keys_path(@project.namespace, @project) } - format.js { render nothing: true } - end - end - def enable - @project.deploy_keys << available_keys.find(params[:id]) + @key = current_user.accessible_deploy_keys.find(params[:id]) + @project.deploy_keys << @key redirect_to namespace_project_deploy_keys_path(@project.namespace, @project) @@ -52,8 +45,7 @@ class Projects::DeployKeysController < Projects::ApplicationController def disable @project.deploy_keys_projects.find_by(deploy_key_id: params[:id]).destroy - redirect_to namespace_project_deploy_keys_path(@project.namespace, - @project) + redirect_to :back end protected diff --git a/app/models/deploy_key.rb b/app/models/deploy_key.rb index 570f5e91c13..1770dde320f 100644 --- a/app/models/deploy_key.rb +++ b/app/models/deploy_key.rb @@ -7,6 +7,7 @@ # created_at :datetime # updated_at :datetime # key :text +# public :boolean default(FALSE) # title :string(255) # type :string(255) # fingerprint :string(255) @@ -17,4 +18,10 @@ class DeployKey < Key has_many :projects, through: :deploy_keys_projects scope :in_projects, ->(projects) { joins(:deploy_keys_projects).where('deploy_keys_projects.project_id in (?)', projects) } + scope :are_public, -> { where(public: true) } + scope :are_private, -> { where(public: false) } + + def private? + !public? + end end diff --git a/app/models/deploy_keys_project.rb b/app/models/deploy_keys_project.rb index 7e88903b9af..5f679f4b3ef 100644 --- a/app/models/deploy_keys_project.rb +++ b/app/models/deploy_keys_project.rb @@ -22,6 +22,10 @@ class DeployKeysProject < ActiveRecord::Base private def destroy_orphaned_deploy_key - self.deploy_key.destroy if self.deploy_key.deploy_keys_projects.length == 0 + # Public deploy keys are never automatically deleted + return if self.deploy_key.public? + return if self.deploy_key.deploy_keys_projects.length > 0 + + self.deploy_key.destroy end end diff --git a/app/models/user.rb b/app/models/user.rb index 515f29ea0ba..ea6b1367bbc 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -414,8 +414,16 @@ class User < ActiveRecord::Base @ldap_identity ||= identities.find_by(["provider LIKE ?", "ldap%"]) end + def project_deploy_keys + DeployKey.in_projects(self.authorized_projects.pluck(:id)) + end + def accessible_deploy_keys - DeployKey.in_projects(self.authorized_projects.pluck(:id)).uniq + @accessible_deploy_keys ||= begin + key_ids = project_deploy_keys.pluck(:id) + key_ids.push(*DeployKey.are_public.pluck(:id)) + DeployKey.where(id: key_ids) + end end def created_by diff --git a/app/views/admin/deploy_keys/index.html.haml b/app/views/admin/deploy_keys/index.html.haml new file mode 100644 index 00000000000..2ae83ab95f7 --- /dev/null +++ b/app/views/admin/deploy_keys/index.html.haml @@ -0,0 +1,27 @@ +.panel.panel-default + .panel-heading + Public deploy keys (#{@deploy_keys.count}) + .panel-head-actions + = link_to 'New Deploy Key', new_admin_deploy_key_path, class: "btn btn-new btn-sm" + - if @deploy_keys.any? + %table.table + %thead.panel-heading + %tr + %th Title + %th Fingerprint + %th Added at + %th + %tbody + - @deploy_keys.each do |deploy_key| + %tr + %td + = link_to admin_deploy_key_path(deploy_key) do + %strong= deploy_key.title + %td + %span + (#{deploy_key.fingerprint}) + %td + %span.cgray + added #{time_ago_with_tooltip(deploy_key.created_at)} + %td + = link_to 'Remove', admin_deploy_key_path(deploy_key), data: { confirm: 'Are you sure?'}, method: :delete, class: "btn btn-sm btn-remove delete-key pull-right" diff --git a/app/views/admin/deploy_keys/new.html.haml b/app/views/admin/deploy_keys/new.html.haml new file mode 100644 index 00000000000..c00049424c5 --- /dev/null +++ b/app/views/admin/deploy_keys/new.html.haml @@ -0,0 +1,26 @@ +%h3.page-title New public deploy key +%hr + +%div + = form_for [:admin, @deploy_key], html: { class: 'deploy-key-form form-horizontal' } do |f| + -if @deploy_key.errors.any? + .alert.alert-danger + %ul + - @deploy_key.errors.full_messages.each do |msg| + %li= msg + + .form-group + = f.label :title, class: "control-label" + .col-sm-10= f.text_field :title, class: 'form-control' + .form-group + = f.label :key, class: "control-label" + .col-sm-10 + %p.light + Paste a machine public key here. Read more about how to generate it + = link_to "here", help_page_path("ssh", "README") + = f.text_area :key, class: "form-control thin_area", rows: 5 + + .form-actions + = f.submit 'Create', class: "btn-create btn" + = link_to "Cancel", admin_deploy_keys_path, class: "btn btn-cancel" + diff --git a/app/views/admin/deploy_keys/show.html.haml b/app/views/admin/deploy_keys/show.html.haml new file mode 100644 index 00000000000..cfa2adf92ee --- /dev/null +++ b/app/views/admin/deploy_keys/show.html.haml @@ -0,0 +1,34 @@ +.row + .col-md-4 + .panel.panel-default + .panel-heading + Deploy Key + %ul.well-list + %li + %span.light Title: + %strong= @deploy_key.title + %li + %span.light Created on: + %strong= @deploy_key.created_at.stamp("Aug 21, 2011") + + .panel.panel-default + .panel-heading Projects (#{@deploy_key.deploy_keys_projects.count}) + - if @deploy_key.deploy_keys_projects.any? + %ul.well-list + - @deploy_key.projects.each do |project| + %li + %span + %strong + = link_to project.name_with_namespace, [:admin, project.namespace.becomes(Namespace), project] + .pull-right + = link_to disable_namespace_project_deploy_key_path(project.namespace, project, @deploy_key), data: { confirm: "Are you sure?" }, method: :put, class: "btn-xs btn btn-remove", title: 'Remove deploy key from project' do + %i.fa.fa-times.fa-inverse + + .col-md-8 + %p + %span.light Fingerprint: + %strong= @deploy_key.fingerprint + %pre.well-pre + = @deploy_key.key + .pull-right + = link_to 'Remove', admin_deploy_key_path(@deploy_key), data: {confirm: 'Are you sure?'}, method: :delete, class: "btn btn-remove delete-key" diff --git a/app/views/layouts/nav/_admin.html.haml b/app/views/layouts/nav/_admin.html.haml index 2f38d596c65..34efceb37d1 100644 --- a/app/views/layouts/nav/_admin.html.haml +++ b/app/views/layouts/nav/_admin.html.haml @@ -19,6 +19,11 @@ %i.fa.fa-group %span Groups + = nav_link(controller: :deploy_keys) do + = link_to admin_deploy_keys_path, title: 'Deploy Keys' do + %i.fa.fa-key + %span + Deploy Keys = nav_link(controller: :logs) do = link_to admin_logs_path, title: 'Logs' do %i.fa.fa-file-text diff --git a/app/views/projects/deploy_keys/_deploy_key.html.haml b/app/views/projects/deploy_keys/_deploy_key.html.haml index a2faa9d5e25..8837a65918c 100644 --- a/app/views/projects/deploy_keys/_deploy_key.html.haml +++ b/app/views/projects/deploy_keys/_deploy_key.html.haml @@ -5,21 +5,38 @@ %i.fa.fa-plus Enable - else - - if deploy_key.projects.count > 1 + - if deploy_key.projects.count > 1 || deploy_key.public? = link_to disable_namespace_project_deploy_key_path(@project.namespace, @project, deploy_key), class: 'btn btn-sm', method: :put do %i.fa.fa-power-off Disable - else - = link_to 'Remove', namespace_project_deploy_key_path(@project.namespace, @project, deploy_key), data: { confirm: 'You are going to remove deploy key. Are you sure?'}, method: :delete, class: "btn btn-remove delete-key btn-sm pull-right" + = link_to 'Remove', disable_namespace_project_deploy_key_path(@project.namespace, @project, deploy_key), data: { confirm: 'You are going to remove deploy key. Are you sure?'}, method: :put, class: "btn btn-remove delete-key btn-sm pull-right" - - key_project = deploy_key.projects.include?(@project) ? @project : deploy_key.projects.first - = link_to namespace_project_deploy_key_path(key_project.namespace, key_project, deploy_key) do + - if deploy_key.projects.include?(@project) + - key_project = @project + - else + - key_project = deploy_key.projects.find { |project| can?(current_user, :read_project, project) } + + - if key_project + = link_to namespace_project_deploy_key_path(key_project.namespace, key_project, deploy_key) do + %i.fa.fa-key + %strong= deploy_key.title + - else %i.fa.fa-key %strong= deploy_key.title + %p.light.prepend-top-10 - - deploy_key.projects.map(&:name_with_namespace).each do |project_name| - %span.label.label-gray.deploy-project-label= project_name + - if deploy_key.public? + %span.label.label-info.deploy-project-label + Public deploy key + + - deploy_key.projects.each do |project| + - if can?(current_user, :read_project, project) + %span.label.label-gray.deploy-project-label + = link_to namespace_project_path(project.namespace, project) do + = project.name_with_namespace + %small.pull-right Created #{time_ago_with_tooltip(deploy_key.created_at)} diff --git a/app/views/projects/deploy_keys/index.html.haml b/app/views/projects/deploy_keys/index.html.haml index c02a18146eb..186cdfeea33 100644 --- a/app/views/projects/deploy_keys/index.html.haml +++ b/app/views/projects/deploy_keys/index.html.haml @@ -22,11 +22,19 @@ .light-well .nothing-here-block Create a #{link_to 'new deploy key', new_namespace_project_deploy_key_path(@project.namespace, @project)} or add an existing one .col-md-6.available-keys - %h5 - %strong Deploy keys - from projects available to you - %ul.bordered-list - = render @available_keys - - if @available_keys.blank? - .light-well - .nothing-here-block Deploy keys from projects you have access to will be displayed here + - unless @available_project_keys.blank? && @available_public_keys.any? + %h5 + %strong Deploy keys + from projects you have access to + %ul.bordered-list + = render @available_project_keys + - if @available_project_keys.blank? + .light-well + .nothing-here-block Deploy keys from projects you have access to will be displayed here + + - if @available_public_keys.any? + %h5 + %strong Public deploy keys + available to any project + %ul.bordered-list + = render @available_public_keys |