Show error message when git access is rejected

4 files changed, 33 insertions, 7 deletions

diff --git a/lib/gitlab_access.rb b/lib/gitlab_access.rb
index 78d353c..547b81d 100644
--- a/lib/gitlab_access.rb
+++ b/lib/gitlab_access.rb
@@ -1,5 +1,6 @@
 require_relative 'gitlab_init'
 require_relative 'gitlab_net'
+require_relative 'gitlab_access_status'
 require_relative 'names_helper'
 require 'json'
 
@@ -17,13 +18,14 @@ class GitlabAccess
   end
 
   def exec
-    if api.allowed?('git-receive-pack', @repo_name, @actor, @changes)
-      return true
+    status = api.check_access('git-receive-pack', @repo_name, @actor, @changes)
+    if status.allowed?
+      true
     else
       # reset GL_ID env since we stop git push here
       ENV['GL_ID'] = nil
-      puts "GitLab: You are not allowed to access some of the refs!"
-      return false
+      puts "GitLab: #{status.message}"
+      false
     end
   end
 
diff --git a/lib/gitlab_access_status.rb b/lib/gitlab_access_status.rb
new file mode 100644
index 0000000..597fcbb
--- /dev/null
+++ b/lib/gitlab_access_status.rb
@@ -0,0 +1,20 @@
+require 'json'
+
+class GitAccessStatus
+  attr_accessor :status, :message
+  alias_method :allowed?, :status
+
+  def initialize(status, message = '')
+    @status = status
+    @message = message
+  end
+
+  def self.create_from_json(json)
+    values = JSON.parse(json)
+    self.new(values["status"], values["message"])
+  end
+
+  def to_json
+    {status: @status, message: @message}.to_json
+  end
+end
\ No newline at end of file
diff --git a/lib/gitlab_net.rb b/lib/gitlab_net.rb
index e6478ef..1f27398 100644
--- a/lib/gitlab_net.rb
+++ b/lib/gitlab_net.rb
@@ -6,7 +6,7 @@ require_relative 'gitlab_config'
 require_relative 'gitlab_logger'
 
 class GitlabNet
-  def allowed?(cmd, repo, actor, changes)
+  def check_access(cmd, repo, actor, changes)
     project_name = repo.gsub("'", "")
     project_name = project_name.gsub(/\.git\Z/, "")
     project_name = project_name.gsub(/\A\//, "")
@@ -26,7 +26,11 @@ class GitlabNet
     url = "#{host}/allowed"
     resp = post(url, params)
 
-    !!(resp.code == '200' && resp.body == 'true')
+    if resp.code == '200'
+      GitAccessStatus.create_from_json(resp.body)
+    else
+      GitAccessStatus.new(false, "API is not accesible")
+    end
   end
 
   def discover(key)
diff --git a/lib/gitlab_shell.rb b/lib/gitlab_shell.rb
index e2cb2cc..95fad9e 100644
--- a/lib/gitlab_shell.rb
+++ b/lib/gitlab_shell.rb
@@ -60,7 +60,7 @@ class GitlabShell
   end
 
   def validate_access
-    api.allowed?(@git_cmd, @repo_name, @key_id, '_any')
+    api.check_access(@git_cmd, @repo_name, @key_id, '_any').allowed?
   end
 
   # This method is not covered by Rspec because it ends the current Ruby process.