diff options
author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-03-19 20:21:17 +0200 |
---|---|---|
committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2014-03-19 20:21:17 +0200 |
commit | b29a61ebe0d6bcade65d397569b5ffe9089010fd (patch) | |
tree | 1b11bd9caef359539ae7e99e4294524a216bc228 | |
parent | e294b344d8ba9c76c74d331cf2507e4c128f8f56 (diff) | |
download | gitlab-shell-b29a61ebe0d6bcade65d397569b5ffe9089010fd.tar.gz |
Send api.allowed? request for both http and ssh push
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
-rw-r--r-- | lib/gitlab_net.rb | 18 | ||||
-rw-r--r-- | lib/gitlab_update.rb | 25 |
2 files changed, 22 insertions, 21 deletions
diff --git a/lib/gitlab_net.rb b/lib/gitlab_net.rb index 99d0044..44c56bd 100644 --- a/lib/gitlab_net.rb +++ b/lib/gitlab_net.rb @@ -6,14 +6,26 @@ require_relative 'gitlab_config' require_relative 'gitlab_logger' class GitlabNet - def allowed?(cmd, repo, key, ref) + def allowed?(cmd, repo, actor, ref, oldrev = nil, newrev = nil) project_name = repo.gsub("'", "") project_name = project_name.gsub(/\.git\Z/, "") project_name = project_name.gsub(/\A\//, "") - key_id = key.gsub("key-", "") + params = { + action: cmd, + ref: ref, + project: project_name, + oldrev: oldrev, + newrev: newrev + } + + if actor =~ /\Akey\-\d+\Z/ + params.merge!(key_id: actor.gsub("key-", "")) + elsif actor =~ /\Auser\-\d+\Z/ + params.merge!(user_id: actor.gsub("user-", "")) + end - url = "#{host}/allowed?key_id=#{key_id}&action=#{cmd}&ref=#{ref}&project=#{project_name}" + url = "#{host}/allowed?" + URI.encode_www_form(params) resp = get(url) !!(resp.code == '200' && resp.body == 'true') diff --git a/lib/gitlab_update.rb b/lib/gitlab_update.rb index 6b3271c..6ce6952 100644 --- a/lib/gitlab_update.rb +++ b/lib/gitlab_update.rb @@ -5,7 +5,7 @@ require 'json' class GitlabUpdate attr_reader :config - def initialize(repo_path, key_id, refname) + def initialize(repo_path, actor, refname) @config = GitlabConfig.new @repo_path = repo_path.strip @@ -14,7 +14,7 @@ class GitlabUpdate @repo_name.gsub!(/\.git$/, "") @repo_name.gsub!(/^\//, "") - @key_id = key_id + @actor = actor @refname = refname @branch_name = /refs\/heads\/([\/\w\.-]+)/.match(refname).to_a.last @@ -27,19 +27,12 @@ class GitlabUpdate # get value from it ENV['GL_ID'] = nil - # If its push over ssh - # we need to check user permission per branch first - if ssh? - if api.allowed?('git-receive-pack', @repo_name, @key_id, @branch_name) - update_redis - exit 0 - else - puts "GitLab: You are not allowed to access #{@branch_name}!" - exit 1 - end - else + if api.allowed?('git-receive-pack', @repo_name, @actor, @branch_name, @oldrev, @newrev) update_redis exit 0 + else + puts "GitLab: You are not allowed to access #{@branch_name}!" + exit 1 end end @@ -49,13 +42,9 @@ class GitlabUpdate GitlabNet.new end - def ssh? - @key_id =~ /\Akey\-\d+\Z/ - end - def update_redis queue = "#{config.redis_namespace}:queue:post_receive" - msg = JSON.dump({'class' => 'PostReceive', 'args' => [@repo_path, @oldrev, @newrev, @refname, @key_id]}) + msg = JSON.dump({'class' => 'PostReceive', 'args' => [@repo_path, @oldrev, @newrev, @refname, @actor]}) unless system(*config.redis_command, 'rpush', queue, msg, err: '/dev/null', out: '/dev/null') puts "GitLab: An unexpected error occurred (redis-cli returned #{$?.exitstatus})." exit 1 |