authorValery Sizov <valery@gitlab.com>2014-10-15 16:09:35 +0300
committerValery Sizov <valery@gitlab.com>2014-10-15 16:09:35 +0300
commite981f4eb491c286dee7e13c3c9e1275d4c46cfd6 (patch)
treee90d28c248856a7753033ddf6e4131068313a63a
parentd01eac99bf7027258f7bb1196bf1020cb6b5206b (diff)
downloadgitlab-shell-secret_token.tar.gz
add secret tokensecret_token
-rw-r--r--.gitignore2
-rw-r--r--lib/gitlab_net.rb7
-rw-r--r--spec/gitlab_net_spec.rb22
-rw-r--r--spec/vcr_cassettes/allowed-pull.yml2
-rw-r--r--spec/vcr_cassettes/allowed-push.yml2
-rw-r--r--spec/vcr_cassettes/check-ok.yml2
-rw-r--r--spec/vcr_cassettes/denied-pull.yml2
-rw-r--r--spec/vcr_cassettes/denied-push-with-user.yml2
-rw-r--r--spec/vcr_cassettes/denied-push.yml2
-rw-r--r--spec/vcr_cassettes/discover-ok.yml2
10 files changed, 37 insertions, 8 deletions
diff --git a/.gitignore b/.gitignore
index 238f5c0..4c11841 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,5 @@ tmp/*
/*.log*
authorized_keys.lock
coverage/
+.gitlab_shell_secret
+.bundle
diff --git a/lib/gitlab_net.rb b/lib/gitlab_net.rb
index 1eb043f..e6478ef 100644
--- a/lib/gitlab_net.rb
+++ b/lib/gitlab_net.rb
@@ -76,6 +76,7 @@ class GitlabNet
url = URI.parse(url)
http = http_client_for url
request = http_request_for url
+ request.set_form_data(secret_token: secret_token)
http.start { |http| http.request(request) }.tap do |resp|
if resp.code == "200"
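Review bot: The token is attached with `set_form_data` to the request from `http_request_for url`, which the specs in this commit show to be a `Net::HTTP::Get`, so the secret travels in the body of a GET request. A GET body has no defined semantics and an intermediary or the API server may drop it, in which case every `check` and `discover` call would fail authentication. Keeping the secret out of the query string is the right instinct, since URLs end up in access logs. A request header keeps that property without depending on a GET body, for example `request['<HEADER-NAME-AGREED-WITH-API>'] = secret_token`. The enclosing method starts and ends outside this hunk.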
@@ -92,7 +93,7 @@ class GitlabNet
url = URI.parse(url)
http = http_client_for(url)
request = http_request_for(url, :post)
- request.set_form_data(params)
+ request.set_form_data(params.merge(secret_token: secret_token))
http.start { |http| http.request(request) }.tap do |resp|
if resp.code == "200"
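Review bot: Nothing visible in this hunk ties the token to an encrypted transport, yet every POST now carries a long-lived shared credential. `url` is parsed from a value that comes from outside the hunk, so if it uses the `http://` scheme against a non-loopback host, the secret crosses the network in cleartext. I would at least document the expectation next to the call, e.g. `# secret_token is a shared credential: use https unless the API is reachable only over loopback`. Any logging of the request body in the part of this method outside the hunk should also be checked so the token is not written to logs.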
@@ -116,4 +117,8 @@ class GitlabNet
end
end
end
+
+ def secret_token
+ @secret_token ||= File.read File.join(ROOT_PATH, '.gitlab_shell_secret')
+ end
end
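Review bot: `secret_token` returns the raw file content, so a trailing newline left by an editor or `echo` becomes part of the credential. A missing or unreadable file also surfaces as a bare `Errno::ENOENT`/`Errno::EACCES` in the middle of a request. If the API side normalises whitespace, read it as `@secret_token ||= File.read(File.join(ROOT_PATH, '.gitlab_shell_secret')).strip`; either way both sides must compare the same bytes. A short comment should state that `.gitlab_shell_secret` must be readable only by the account that runs gitlab-shell. It is not visible from the hunk whether the method lands in a private or protected section of `GitlabNet`; it should not be part of the public interface.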
diff --git a/spec/gitlab_net_spec.rb b/spec/gitlab_net_spec.rb
index 6b0b65a..b62e2c6 100644
--- a/spec/gitlab_net_spec.rb
+++ b/spec/gitlab_net_spec.rb
@@ -8,6 +8,7 @@ describe GitlabNet, vcr: true do
before do
gitlab_net.stub!(:host).and_return('https://dev.gitlab.org/api/v3/internal')
+ gitlab_net.stub!(:secret_token).and_return('a123')
end
describe :check do
@@ -17,6 +18,13 @@ describe GitlabNet, vcr: true do
result.code.should == '200'
end
end
+
+ it 'adds the secret_token to request' do
+ VCR.use_cassette("check-ok") do
+ Net::HTTP::Get.any_instance.should_receive(:set_form_data).with(hash_including(secret_token: 'a123'))
+ gitlab_net.check
+ end
+ end
end
describe :discover do
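Review bot: `secret_token` is stubbed for every example in the `before` block, so the new `File.read` of `.gitlab_shell_secret` is never exercised. The added example asserts only that `set_form_data` received a hash containing the key. An example that points `ROOT_PATH` at a temporary directory and calls the real method would cover the missing-file and trailing-newline cases. The same applies to the `discover` and `allowed?` examples added in the next two hunks.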
@@ -26,6 +34,13 @@ describe GitlabNet, vcr: true do
user['name'].should == 'Dmitriy Zaporozhets'
end
end
+
+ it 'adds the secret_token to request' do
+ VCR.use_cassette("discover-ok") do
+ Net::HTTP::Get.any_instance.should_receive(:set_form_data).with(hash_including(secret_token: 'a123'))
+ gitlab_net.discover('key-126')
+ end
+ end
end
describe :allowed? do
@@ -37,6 +52,13 @@ describe GitlabNet, vcr: true do
end
end
+ it 'adds the secret_token theo request' do
+ VCR.use_cassette("allowed-pull") do
+ Net::HTTP::Post.any_instance.should_receive(:set_form_data).with(hash_including(secret_token: 'a123'))
+ gitlab_net.allowed?('git-receive-pack', 'gitlab/gitlabhq.git', 'key-126', changes)
+ end
+ end
+
it 'should allow push access for dev.gitlab.org' do
VCR.use_cassette("allowed-push") do
access = gitlab_net.allowed?('git-upload-pack', 'gitlab/gitlabhq.git', 'key-126', changes)
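Review bot: The description of the new example contains a typo, 'adds the secret_token theo request'. It should read `it 'adds the secret_token to request' do`, matching the sibling examples under `check` and `discover`. The final `it 'should allow push access …'` block continues outside this hunk.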
diff --git a/spec/vcr_cassettes/allowed-pull.yml b/spec/vcr_cassettes/allowed-pull.yml
index 29a0ac6..337b00f 100644
--- a/spec/vcr_cassettes/allowed-pull.yml
+++ b/spec/vcr_cassettes/allowed-pull.yml
@@ -5,7 +5,7 @@ http_interactions:
uri: https://dev.gitlab.org/api/v3/internal/allowed
body:
encoding: US-ASCII
- string: action=git-receive-pack&changes=0000000000000000000000000000000000000000+92d0970eefd7acb6d548878925ce2208cfe2d2ec+refs%2Fheads%2Fbranch4&project=gitlab%2Fgitlabhq&key_id=126
+ string: action=git-receive-pack&changes=0000000000000000000000000000000000000000+92d0970eefd7acb6d548878925ce2208cfe2d2ec+refs%2Fheads%2Fbranch4&project=gitlab%2Fgitlabhq&key_id=126&secret_token=a123
headers:
Accept-Encoding:
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
diff --git a/spec/vcr_cassettes/allowed-push.yml b/spec/vcr_cassettes/allowed-push.yml
index 5d19db8..cb757bf 100644
--- a/spec/vcr_cassettes/allowed-push.yml
+++ b/spec/vcr_cassettes/allowed-push.yml
@@ -5,7 +5,7 @@ http_interactions:
uri: https://dev.gitlab.org/api/v3/internal/allowed
body:
encoding: US-ASCII
- string: action=git-upload-pack&changes=0000000000000000000000000000000000000000+92d0970eefd7acb6d548878925ce2208cfe2d2ec+refs%2Fheads%2Fbranch4&project=gitlab%2Fgitlabhq&key_id=126
+ string: action=git-upload-pack&changes=0000000000000000000000000000000000000000+92d0970eefd7acb6d548878925ce2208cfe2d2ec+refs%2Fheads%2Fbranch4&project=gitlab%2Fgitlabhq&key_id=126&secret_token=a123
headers:
Accept-Encoding:
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
diff --git a/spec/vcr_cassettes/check-ok.yml b/spec/vcr_cassettes/check-ok.yml
index 641c6ce..1ba8b04 100644
--- a/spec/vcr_cassettes/check-ok.yml
+++ b/spec/vcr_cassettes/check-ok.yml
@@ -5,7 +5,7 @@ http_interactions:
uri: https://dev.gitlab.org/api/v3/internal/check
body:
encoding: US-ASCII
- string: ''
+ string: secret_token=a123
headers:
Accept-Encoding:
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
diff --git a/spec/vcr_cassettes/denied-pull.yml b/spec/vcr_cassettes/denied-pull.yml
index 505ce97..9941e70 100644
--- a/spec/vcr_cassettes/denied-pull.yml
+++ b/spec/vcr_cassettes/denied-pull.yml
@@ -5,7 +5,7 @@ http_interactions:
uri: https://dev.gitlab.org/api/v3/internal/allowed
body:
encoding: US-ASCII
- string: action=git-receive-pack&changes=0000000000000000000000000000000000000000+92d0970eefd7acb6d548878925ce2208cfe2d2ec+refs%2Fheads%2Fbranch4&project=gitlab%2Fgitlabhq&key_id=2
+ string: action=git-receive-pack&changes=0000000000000000000000000000000000000000+92d0970eefd7acb6d548878925ce2208cfe2d2ec+refs%2Fheads%2Fbranch4&project=gitlab%2Fgitlabhq&key_id=2&secret_token=a123
headers:
Accept-Encoding:
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
diff --git a/spec/vcr_cassettes/denied-push-with-user.yml b/spec/vcr_cassettes/denied-push-with-user.yml
index adca071..4694797 100644
--- a/spec/vcr_cassettes/denied-push-with-user.yml
+++ b/spec/vcr_cassettes/denied-push-with-user.yml
@@ -5,7 +5,7 @@ http_interactions:
uri: https://dev.gitlab.org/api/v3/internal/allowed
body:
encoding: US-ASCII
- string: action=git-upload-pack&changes=0000000000000000000000000000000000000000+92d0970eefd7acb6d548878925ce2208cfe2d2ec+refs%2Fheads%2Fbranch4&project=gitlab%2Fgitlabhq&user_id=1
+ string: action=git-upload-pack&changes=0000000000000000000000000000000000000000+92d0970eefd7acb6d548878925ce2208cfe2d2ec+refs%2Fheads%2Fbranch4&project=gitlab%2Fgitlabhq&user_id=1&secret_token=a123
headers:
Accept-Encoding:
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
diff --git a/spec/vcr_cassettes/denied-push.yml b/spec/vcr_cassettes/denied-push.yml
index 2b0bfea..fc0a309 100644
--- a/spec/vcr_cassettes/denied-push.yml
+++ b/spec/vcr_cassettes/denied-push.yml
@@ -5,7 +5,7 @@ http_interactions:
uri: https://dev.gitlab.org/api/v3/internal/allowed
body:
encoding: US-ASCII
- string: action=git-upload-pack&changes=0000000000000000000000000000000000000000+92d0970eefd7acb6d548878925ce2208cfe2d2ec+refs%2Fheads%2Fbranch4&project=gitlab%2Fgitlabhq&key_id=2
+ string: action=git-upload-pack&changes=0000000000000000000000000000000000000000+92d0970eefd7acb6d548878925ce2208cfe2d2ec+refs%2Fheads%2Fbranch4&project=gitlab%2Fgitlabhq&key_id=2&secret_token=a123
headers:
Accept-Encoding:
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3
diff --git a/spec/vcr_cassettes/discover-ok.yml b/spec/vcr_cassettes/discover-ok.yml
index 982065a..a86243c 100644
--- a/spec/vcr_cassettes/discover-ok.yml
+++ b/spec/vcr_cassettes/discover-ok.yml
@@ -5,7 +5,7 @@ http_interactions:
uri: https://dev.gitlab.org/api/v3/internal/discover?key_id=126
body:
encoding: US-ASCII
- string: ''
+ string: secret_token=a123
headers:
Accept-Encoding:
- gzip;q=1.0,deflate;q=0.6,identity;q=0.3