summaryrefslogtreecommitdiff
path: root/lib/gitlab/git_access_snippet.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/gitlab/git_access_snippet.rb')
-rw-r--r--lib/gitlab/git_access_snippet.rb19
1 files changed, 13 insertions, 6 deletions
diff --git a/lib/gitlab/git_access_snippet.rb b/lib/gitlab/git_access_snippet.rb
index 854bf6e9c9e..88a75f72840 100644
--- a/lib/gitlab/git_access_snippet.rb
+++ b/lib/gitlab/git_access_snippet.rb
@@ -30,7 +30,10 @@ module Gitlab
def check(cmd, changes)
check_snippet_accessibility!
- super
+ super.tap do |_|
+ # Ensure HEAD points to the default branch in case it is not master
+ snippet.change_head_to_default_branch
+ end
end
override :download_ability
@@ -56,7 +59,7 @@ module Gitlab
# TODO: Investigate if expanding actor/authentication types are needed.
# https://gitlab.com/gitlab-org/gitlab/issues/202190
if actor && !allowed_actor?
- raise ForbiddenError, ERROR_MESSAGES[:authentication_mechanism]
+ raise ForbiddenError, error_message(:authentication_mechanism)
end
super
@@ -68,14 +71,18 @@ module Gitlab
override :check_push_access!
def check_push_access!
- raise ForbiddenError, ERROR_MESSAGES[:update_snippet] unless user
+ raise ForbiddenError, error_message(:update_snippet) unless user
+
+ if snippet&.repository_read_only?
+ raise ForbiddenError, error_message(:read_only)
+ end
check_change_access!
end
def check_snippet_accessibility!
if snippet.blank?
- raise NotFoundError, ERROR_MESSAGES[:snippet_not_found]
+ raise NotFoundError, error_message(:snippet_not_found)
end
end
@@ -91,14 +98,14 @@ module Gitlab
passed = guest_can_download_code? || user_can_download_code?
unless passed
- raise ForbiddenError, ERROR_MESSAGES[:read_snippet]
+ raise ForbiddenError, error_message(:read_snippet)
end
end
override :check_change_access!
def check_change_access!
unless user_can_push?
- raise ForbiddenError, ERROR_MESSAGES[:update_snippet]
+ raise ForbiddenError, error_message(:update_snippet)
end
check_size_before_push!
View Lorry Controller Status