diff options
| author | Tiago Botelho <tiagonbotelho@hotmail.com> | 2018-01-18 09:31:00 +0000 |
|---|---|---|
| committer | Tiago Botelho <tiagonbotelho@hotmail.com> | 2018-02-06 13:35:35 +0000 |
| commit | 921d2afc6989dfa8220032984f657210c07e8792 (patch) | |
| tree | 21467fea1fa8b83766ad91e843ba0d95dfb3e051 /lib | |
| parent | b9d547b12c3731160c456f3f20366e600ab99484 (diff) | |
| download | gitlab-ce-921d2afc6989dfa8220032984f657210c07e8792.tar.gz | |
Adds option to push over HTTP to create a new project
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/gitlab/git_access.rb | 29 |
1 files changed, 24 insertions, 5 deletions
diff --git a/lib/gitlab/git_access.rb b/lib/gitlab/git_access.rb index 56f6febe86d..9427a5e4baa 100644 --- a/lib/gitlab/git_access.rb +++ b/lib/gitlab/git_access.rb @@ -18,21 +18,23 @@ module Gitlab upload_pack_disabled_over_http: 'Pulling over HTTP is not allowed.', receive_pack_disabled_over_http: 'Pushing over HTTP is not allowed.', read_only: 'The repository is temporarily read-only. Please try again later.', - cannot_push_to_read_only: "You can't push code to a read-only GitLab instance." + cannot_push_to_read_only: "You can't push code to a read-only GitLab instance.", + create: "Creating a repository to that namespace is not allowed." }.freeze DOWNLOAD_COMMANDS = %w{ git-upload-pack git-upload-archive }.freeze PUSH_COMMANDS = %w{ git-receive-pack }.freeze ALL_COMMANDS = DOWNLOAD_COMMANDS + PUSH_COMMANDS - attr_reader :actor, :project, :protocol, :authentication_abilities, :redirected_path + attr_reader :actor, :project, :protocol, :authentication_abilities, :redirected_path, :target_namespace - def initialize(actor, project, protocol, authentication_abilities:, redirected_path: nil) + def initialize(actor, project, protocol, authentication_abilities:, redirected_path: nil, target_namespace: nil) @actor = actor @project = project @protocol = protocol @redirected_path = redirected_path @authentication_abilities = authentication_abilities + @target_namespace = target_namespace end def check(cmd, changes) @@ -44,6 +46,7 @@ module Gitlab check_command_disabled!(cmd) check_command_existence!(cmd) check_repository_existence! + check_repository_creation! case cmd when *DOWNLOAD_COMMANDS @@ -96,7 +99,7 @@ module Gitlab end def check_project_accessibility! - if project.blank? || !can_read_project? + if (project.blank? || !can_read_project?) && !can_create_project_in_namespace? raise NotFoundError, ERROR_MESSAGES[:project_not_found] end end @@ -140,11 +143,19 @@ module Gitlab end def check_repository_existence! - unless project.repository.exists? + if (project.blank? || !project.repository.exists?) && !can_create_project_in_namespace? raise UnauthorizedError, ERROR_MESSAGES[:no_repo] end end + def check_repository_creation! + return unless target_namespace + + unless can_create_project_in_namespace? + raise UnauthorizedError, ERROR_MESSAGES[:create] + end + end + def check_download_access! return if deploy_key? @@ -158,6 +169,8 @@ module Gitlab end def check_push_access!(changes) + return if can_create_project_in_namespace? + if project.repository_read_only? raise UnauthorizedError, ERROR_MESSAGES[:read_only] end @@ -234,6 +247,12 @@ module Gitlab end || Guest.can?(:read_project, project) end + def can_create_project_in_namespace? + return unless target_namespace + + actor.can?(:create_projects, target_namespace) + end + def http? protocol == 'http' end |