summaryrefslogtreecommitdiff
path: root/app/controllers/projects
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/projects')
-rw-r--r--app/controllers/projects/git_http_client_controller.rb7
1 files changed, 5 insertions, 2 deletions
diff --git a/app/controllers/projects/git_http_client_controller.rb b/app/controllers/projects/git_http_client_controller.rb
index aabb5b0fe01..c2a298fe37f 100644
--- a/app/controllers/projects/git_http_client_controller.rb
+++ b/app/controllers/projects/git_http_client_controller.rb
@@ -23,10 +23,12 @@ class Projects::GitHttpClientController < Projects::ApplicationController
login, password = user_name_and_password(request)
auth_result = Gitlab::Auth.find_for_git_client(login, password, project: project, ip: request.ip)
- if auth_result.type == :ci && download_request?
- @ci = true
+ if auth_result.type == :ci && !download_request?
+ # Not allowed
+ auth_result = Gitlab::Auth::Result.new
elsif auth_result.type == :oauth && !download_request?
# Not allowed
+ auth_result = Gitlab::Auth::Result.new
elsif auth_result.type == :missing_personal_token
render_missing_personal_token
return # Render above denied access, nothing left to do
@@ -35,6 +37,7 @@ class Projects::GitHttpClientController < Projects::ApplicationController
end
@capabilities = auth_result.capabilities || []
+ @ci = auth_result.type == :ci
if auth_result.succeeded?
return # Allow access
View Lorry Controller Status