GitlabAccess and GitlabPostReceive classes added

Gitlab Access handles security check. GitlabPostReceive creates a sidekiq job

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

3 files changed, 70 insertions, 3 deletions

diff --git a/lib/gitlab_access.rb b/lib/gitlab_access.rb
new file mode 100644
index 0000000..1f328b7
--- /dev/null
+++ b/lib/gitlab_access.rb
@@ -0,0 +1,34 @@
+require_relative 'gitlab_init'
+require_relative 'gitlab_net'
+require_relative 'names_helper'
+require 'json'
+
+class GitlabAccess
+  include NamesHelper
+
+  attr_reader :config, :repo_path, :repo_name, :changes
+
+  def initialize(repo_path, actor, changes)
+    @config = GitlabConfig.new
+    @repo_path, @actor = repo_path.strip, actor
+    @repo_name = extract_repo_name(@repo_path.dup, config.repos_path.to_s)
+    @changes = changes.lines
+  end
+
+  def exec
+    if api.allowed?('git-receive-pack', @repo_name, @actor, @changes)
+      exit 0
+    else
+      # reset GL_ID env since we stop git push here
+      ENV['GL_ID'] = nil
+      puts "GitLab: You are not allowed to access #{@ref_name}!"
+      exit 1
+    end
+  end
+
+  protected
+
+  def api
+    GitlabNet.new
+  end
+end
diff --git a/lib/gitlab_post_receive.rb b/lib/gitlab_post_receive.rb
new file mode 100644
index 0000000..3f9f384
--- /dev/null
+++ b/lib/gitlab_post_receive.rb
@@ -0,0 +1,31 @@
+require_relative 'gitlab_init'
+require 'json'
+
+class GitlabPostReceive
+  attr_reader :config, :repo_path, :changes
+
+  def initialize(repo_path, actor, changes)
+    @config = GitlabConfig.new
+    @repo_path, @actor = repo_path.strip, actor
+    @changes = changes.lines
+  end
+
+  def exec
+    # reset GL_ID env since we already
+    # get value from it
+    ENV['GL_ID'] = nil
+
+    update_redis
+  end
+
+  protected
+
+  def update_redis
+    queue = "#{config.redis_namespace}:queue:post_receive"
+    msg = JSON.dump({'class' => 'PostReceive', 'args' => [@repo_path, @actor, @changes]})
+    unless system(*config.redis_command, 'rpush', queue, msg, err: '/dev/null', out: '/dev/null')
+      puts "GitLab: An unexpected error occurred (redis-cli returned #{$?.exitstatus})."
+      exit 1
+    end
+  end
+end
diff --git a/lib/gitlab_projects.rb b/lib/gitlab_projects.rb
index a6fa1b5..a27036b 100644
--- a/lib/gitlab_projects.rb
+++ b/lib/gitlab_projects.rb
@@ -18,9 +18,11 @@ class GitlabProjects
   attr_reader :full_path
 
   def self.create_hooks(path)
-    hook = File.join(path, 'hooks', 'update')
-    File.delete(hook) if File.exists?(hook)
-    File.symlink(File.join(ROOT_PATH, 'hooks', 'update'), hook)
+    %w(pre-receive post-receive).each do |hook_name|
+      hook = File.join(path, 'hooks', hook_name)
+      File.delete(hook) if File.exists?(hook)
+      File.symlink(File.join(ROOT_PATH, 'hooks', hook_name), hook)
+    end
   end
 
   def initialize