diff options
author | Valery Sizov <vsv2711@gmail.com> | 2014-11-14 18:23:55 +0200 |
---|---|---|
committer | Valery Sizov <vsv2711@gmail.com> | 2014-11-18 13:10:07 +0200 |
commit | 53bf52f191612df92d993cbcd3c4d6c89ab9c95a (patch) | |
tree | 48d6fc548d308f8fd83a78a0653a7720247306f4 /lib/gitlab/git_access.rb | |
parent | a4e98f0ec985c91631f41c56317926f29365d95a (diff) | |
download | gitlab-ce-53bf52f191612df92d993cbcd3c4d6c89ab9c95a.tar.gz |
Better message for failed pushes because of git hooks
Conflicts:
lib/gitlab/git_access.rb
spec/lib/gitlab/git_access_spec.rb
Diffstat (limited to 'lib/gitlab/git_access.rb')
-rw-r--r-- | lib/gitlab/git_access.rb | 51 |
1 files changed, 30 insertions, 21 deletions
diff --git a/lib/gitlab/git_access.rb b/lib/gitlab/git_access.rb index 129881060d5..3452240dad8 100644 --- a/lib/gitlab/git_access.rb +++ b/lib/gitlab/git_access.rb @@ -5,61 +5,60 @@ module Gitlab attr_reader :params, :project, :git_cmd, :user - def allowed?(actor, cmd, project, changes = nil) + def check(actor, cmd, project, changes = nil) case cmd when *DOWNLOAD_COMMANDS if actor.is_a? User - download_allowed?(actor, project) + download_access_check(actor, project) elsif actor.is_a? DeployKey actor.projects.include?(project) elsif actor.is_a? Key - download_allowed?(actor.user, project) + download_access_check(actor.user, project) else raise 'Wrong actor' end when *PUSH_COMMANDS if actor.is_a? User - push_allowed?(actor, project, changes) + push_access_check(actor, project, changes) elsif actor.is_a? DeployKey - # Deploy key not allowed to push - return false + return build_status_object(false, "Deploy key not allowed to push") elsif actor.is_a? Key - push_allowed?(actor.user, project, changes) + push_access_check(actor.user, project, changes) else raise 'Wrong actor' end else - false + return build_status_object(false, "Wrong command") end end - def download_allowed?(user, project) - if user && user_allowed?(user) - user.can?(:download_code, project) + def download_access_check(user, project) + if user && user_allowed?(user) && user.can?(:download_code, project) + build_status_object(true) else - false + build_status_object(false, "You don't have access") end end - def push_allowed?(user, project, changes) - return false unless user && user_allowed?(user) - return true if changes.blank? + def push_access_check(user, project, changes) + return build_status_object(false, "You don't have access") unless user && user_allowed?(user) + return build_status_object(true) if changes.blank? changes = changes.lines if changes.kind_of?(String) # Iterate over all changes to find if user allowed all of them to be applied changes.each do |change| - unless change_allowed?(user, project, change) + status = change_access_check(user, project, change) + unless status.allowed? # If user does not have access to make at least one change - cancel all push - return false + return status end end - # If user has access to make all changes - true + return build_status_object(true) end - def change_allowed?(user, project, change) + def change_access_check(user, project, change) oldrev, newrev, ref = change.split(' ') action = if project.protected_branch?(branch_name(ref)) @@ -79,7 +78,11 @@ module Gitlab :push_code end - user.can?(action, project) + if user.can?(action, project) + build_status_object(true) + else + build_status_object(false, "You don't have permission") + end end def forced_push?(project, oldrev, newrev) @@ -116,5 +119,11 @@ module Gitlab nil end end + + protected + + def build_status_object(status, message = '') + GitAccessStatus.new(status, message) + end end end |