From 61b85aed59481d0ebbb6aacc74b05f8d1b289703 Mon Sep 17 00:00:00 2001 From: Saito Date: Fri, 29 Jun 2012 10:52:09 +0800 Subject: [PATCH 1/5] add grack to support smart http protocal for git --- Gemfile | 1 + Gemfile.lock | 8 ++++++++ 2 files changed, 9 insertions(+) diff --git a/Gemfile b/Gemfile index 4c977dde..8394f7e9 100644 --- a/Gemfile +++ b/Gemfile @@ -15,6 +15,7 @@ gem "gitolite", :git => "https://github.com/gitlabhq/gitolite-client.git", gem "pygments.rb", :git => "https://github.com/gitlabhq/pygments.rb.git", :ref => "2cada028da5054616634a1d9ca6941b65b3ce188" gem "omniauth-ldap", :git => "https://github.com/gitlabhq/omniauth-ldap.git", :ref => "7edf27d0281e09561838122982c16b7e62181f44" gem 'yaml_db', :git => "https://github.com/gitlabhq/yaml_db.git" +gem 'grack', :git => "https://github.com/SaitoWu/grack.git" gem "linguist", "~> 1.0.0", :git => "https://github.com/gitlabhq/linguist.git" gem "stamp" diff --git a/Gemfile.lock b/Gemfile.lock index d50a8d1e..c077593e 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,3 +1,10 @@ +GIT + remote: https://github.com/SaitoWu/grack.git + revision: dd990d231ac9189046b71a65d874638e55320e27 + specs: + grack (1.0.0) + rack (~> 1.4.1) + GIT remote: https://github.com/ctran/annotate_models.git revision: 18cd39ad01829deba5aa34634b8540d6675ab978 @@ -373,6 +380,7 @@ DEPENDENCIES foreman git gitolite! + grack! grit! haml-rails httparty From 86807b8ecc1b6e6e55e297d52bd2c04375d1e3f1 Mon Sep 17 00:00:00 2001 From: Saito Date: Fri, 29 Jun 2012 11:30:31 +0800 Subject: [PATCH 2/5] mount grack to git, u can 'git clone http://localhost/git/xx.git' now --- config/gitlab.yml.example | 4 +++ config/initializers/grack_auth.rb | 8 +++++ config/routes.rb | 52 ++++++++++++++++++------------- 3 files changed, 42 insertions(+), 22 deletions(-) create mode 100644 config/initializers/grack_auth.rb diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example index f29bafa1..b74082c3 100644 --- a/config/gitlab.yml.example +++ b/config/gitlab.yml.example @@ -17,11 +17,15 @@ git_host: base_path: /home/git/repositories/ host: localhost git_user: git + upload_pack: true + receive_pack: true # port: 22 + # Git settings # Use default values unless you understand it git: + path: /usr/bin/git # Max size of git object like commit, in bytes # This value can be increased if you have a very large commits git_max_size: 5242880 # 5.megabytes diff --git a/config/initializers/grack_auth.rb b/config/initializers/grack_auth.rb new file mode 100644 index 00000000..17d3641a --- /dev/null +++ b/config/initializers/grack_auth.rb @@ -0,0 +1,8 @@ +module Grack + class Auth < Rack::Auth::Basic + + def valid? + true + end + end +end diff --git a/config/routes.rb b/config/routes.rb index 67e4aedd..b1bd5a7b 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -8,6 +8,14 @@ Gitlab::Application.routes.draw do require 'resque/server' mount Resque::Server.new, at: '/info/resque' + # Enable Grack support + mount Grack::Bundle.new({ + git_path: GIT_OPTS['path'], + project_root: GIT_HOST['base_path'], + upload_pack: GIT_HOST['upload_pack'], + receive_pack: GIT_HOST['receive_pack'] + }), at: '/git' + # # Help # @@ -20,15 +28,15 @@ Gitlab::Application.routes.draw do # Admin Area # namespace :admin do - resources :users do - member do + resources :users do + member do put :team_update put :block put :unblock end end - resources :projects, :constraints => { :id => /[^\/]+/ } do - member do + resources :projects, :constraints => { :id => /[^\/]+/ } do + member do get :team put :team_update end @@ -79,12 +87,12 @@ Gitlab::Application.routes.draw do resources :wikis, :only => [:show, :edit, :destroy, :create] do member do - get "history" + get "history" end end - resource :repository do - member do + resource :repository do + member do get "branches" get "tags" get "archive" @@ -94,14 +102,14 @@ Gitlab::Application.routes.draw do resources :deploy_keys resources :protected_branches, :only => [:index, :create, :destroy] - resources :refs, :only => [], :path => "/" do - collection do + resources :refs, :only => [], :path => "/" do + collection do get "switch" end - member do + member do get "tree", :constraints => { :id => /[a-zA-Z.\/0-9_\-]+/ } - get "blob", + get "blob", :constraints => { :id => /[a-zA-Z.0-9\/_\-]+/, :path => /.*/ @@ -126,36 +134,36 @@ Gitlab::Application.routes.draw do end end - resources :merge_requests do - member do + resources :merge_requests do + member do get :diffs get :automerge get :automerge_check end - collection do + collection do get :branch_from get :branch_to end end - - resources :snippets do - member do + + resources :snippets do + member do get "raw" end end - resources :hooks, :only => [:index, :create, :destroy] do - member do + resources :hooks, :only => [:index, :create, :destroy] do + member do get :test end end - resources :commits do - collection do + resources :commits do + collection do get :compare end - member do + member do get :patch end end From 7f44599ed0ddb1e01395f41e5f4bec869c2238e6 Mon Sep 17 00:00:00 2001 From: Saito Date: Fri, 29 Jun 2012 15:43:15 +0800 Subject: [PATCH 3/5] integrate with gitlabhq authority --- Gemfile.lock | 2 +- config/initializers/grack_auth.rb | 31 +++++++++++++++++++++++++++---- 2 files changed, 28 insertions(+), 5 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index c077593e..823f65e2 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,6 +1,6 @@ GIT remote: https://github.com/SaitoWu/grack.git - revision: dd990d231ac9189046b71a65d874638e55320e27 + revision: ba46f3b0845c6a09d488ae6abdce6ede37e227e8 specs: grack (1.0.0) rack (~> 1.4.1) diff --git a/config/initializers/grack_auth.rb b/config/initializers/grack_auth.rb index 17d3641a..27a0a1db 100644 --- a/config/initializers/grack_auth.rb +++ b/config/initializers/grack_auth.rb @@ -2,7 +2,30 @@ module Grack class Auth < Rack::Auth::Basic def valid? - true - end - end -end + # Authentication with username and password + email, password = @auth.credentials + user = User.find_by_email(email) + return false unless user.valid_password?(password) + + # Find project by PATH_INFO from env + if m = /^\/([\w-]+).git/.match(@env['PATH_INFO']).to_a + return false unless project = Project.find_by_path(m.last) + end + + # Git upload and receive + if @env['REQUEST_METHOD'] == 'GET' + true + elsif @env['REQUEST_METHOD'] == 'POST' + if @env['REQUEST_URI'].end_with?('git-upload-pack') + return project.dev_access_for?(user) + elsif @env['REQUEST_URI'].end_with?('git-upload-pack') + #TODO master branch protection + return project.dev_access_for?(user) + else + false + end + end + + end# valid? + end# Auth +end# Grack From 8db947bcfe2f3e988c995696f0fd24d9edfdc3b0 Mon Sep 17 00:00:00 2001 From: Saito Date: Fri, 29 Jun 2012 18:11:37 +0800 Subject: [PATCH 4/5] implements protected branches to smart http protocal --- config/initializers/grack_auth.rb | 23 +++++++++++++++++++---- 1 file changed, 19 insertions(+), 4 deletions(-) diff --git a/config/initializers/grack_auth.rb b/config/initializers/grack_auth.rb index 27a0a1db..bb34ce6d 100644 --- a/config/initializers/grack_auth.rb +++ b/config/initializers/grack_auth.rb @@ -18,14 +18,29 @@ module Grack elsif @env['REQUEST_METHOD'] == 'POST' if @env['REQUEST_URI'].end_with?('git-upload-pack') return project.dev_access_for?(user) - elsif @env['REQUEST_URI'].end_with?('git-upload-pack') - #TODO master branch protection - return project.dev_access_for?(user) + elsif @env['REQUEST_URI'].end_with?('git-receive-pack') + if project.protected_branches.map(&:name).include?(current_ref) + project.master_access_for?(user) + else + project.dev_access_for?(user) + end else false end + else + false + end + end# valid? + + def current_ref + if @env["HTTP_CONTENT_ENCODING"] =~ /gzip/ + input = Zlib::GzipReader.new(@request.body).string + else + input = @request.body.string end - end# valid? + oldrev, newrev, ref = input.split(' ') + /refs\/heads\/([\w-]+)/.match(ref).to_a.last + end end# Auth end# Grack From 1df1daa12ee6ac9a006b86584b8ecd90cea660a7 Mon Sep 17 00:00:00 2001 From: Saito Date: Fri, 29 Jun 2012 18:49:36 +0800 Subject: [PATCH 5/5] use gitlabhq/grack instead of my fork --- Gemfile | 2 +- Gemfile.lock | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Gemfile b/Gemfile index 8394f7e9..d4b3ce30 100644 --- a/Gemfile +++ b/Gemfile @@ -15,7 +15,7 @@ gem "gitolite", :git => "https://github.com/gitlabhq/gitolite-client.git", gem "pygments.rb", :git => "https://github.com/gitlabhq/pygments.rb.git", :ref => "2cada028da5054616634a1d9ca6941b65b3ce188" gem "omniauth-ldap", :git => "https://github.com/gitlabhq/omniauth-ldap.git", :ref => "7edf27d0281e09561838122982c16b7e62181f44" gem 'yaml_db', :git => "https://github.com/gitlabhq/yaml_db.git" -gem 'grack', :git => "https://github.com/SaitoWu/grack.git" +gem 'grack', :git => "https://github.com/gitlabhq/grack.git" gem "linguist", "~> 1.0.0", :git => "https://github.com/gitlabhq/linguist.git" gem "stamp" diff --git a/Gemfile.lock b/Gemfile.lock index 823f65e2..6287b2d4 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,10 +1,3 @@ -GIT - remote: https://github.com/SaitoWu/grack.git - revision: ba46f3b0845c6a09d488ae6abdce6ede37e227e8 - specs: - grack (1.0.0) - rack (~> 1.4.1) - GIT remote: https://github.com/ctran/annotate_models.git revision: 18cd39ad01829deba5aa34634b8540d6675ab978 @@ -20,6 +13,13 @@ GIT grit (>= 2.4.1) hashery (~> 1.4.0) +GIT + remote: https://github.com/gitlabhq/grack.git + revision: ba46f3b0845c6a09d488ae6abdce6ede37e227e8 + specs: + grack (1.0.0) + rack (~> 1.4.1) + GIT remote: https://github.com/gitlabhq/grit.git revision: 7f35cb98ff17d534a07e3ce6ec3d580f67402837