deac/gitlabhq
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge pull request #2584 from jasl8r/public-grack-clone

Browse source 
Public HTTP clones and remove auth request for public projects
This commit is contained in:
Dmitriy Zaporozhets 2013-01-14 10:13:02 -08:00
parent eff6d3c12b 80b8921a9a
commit b6da734824
1 changed files with 51 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

74
lib/gitlab/backend/grack_auth.rb
View file

@ -2,31 +2,43 @@ module Grack
class Auth < Rack::Auth::Basic class Auth < Rack::Auth::Basic
attr_accessor :user, :project attr_accessor :user, :project
def valid? def call(env)
# Find project by PATH_INFO from env @env = env
if m = /^\/([\w\.\/-]+)\.git/.match(@request.path_info).to_a @request = Rack::Request.new(env)
self.project = Project.find_with_namespace(m.last) @auth = Request.new(env)
return false unless project
end
if @request.get? && project.public
return true
end
# Authentication with username and password
login, password = @auth.credentials
self.user = User.find_by_email(login) || User.find_by_username(login)
return false unless user.try(:valid_password?, password)
email = user.email
# Set GL_USER env variable
ENV['GL_USER'] = email
# Pass Gitolite update hook # Pass Gitolite update hook
ENV['GL_BYPASS_UPDATE_HOOK'] = "true" ENV['GL_BYPASS_UPDATE_HOOK'] = "true"
# Need this patch due to the rails mount
@env['PATH_INFO'] = @request.path
@env['SCRIPT_NAME'] = ""
return render_not_found unless project
return unauthorized unless project.public || @auth.provided?
return bad_request if @auth.provided? && !@auth.basic?
if valid?
if @auth.provided?
@env['REMOTE_USER'] = @auth.username
end
return @app.call(env)
else
unauthorized
end
end
def valid?
if @auth.provided?
# Authentication with username and password
login, password = @auth.credentials
self.user = User.find_by_email(login) || User.find_by_username(login)
return false unless user.try(:valid_password?, password)
# Set GL_USER env variable
ENV['GL_USER'] = user.email
end
# Git upload and receive # Git upload and receive
if @request.get? if @request.get?
validate_get_request validate_get_request
@ -38,12 +50,12 @@ module Grack
end end
def validate_get_request def validate_get_request
can?(user, :download_code, project) project.public || can?(user, :download_code, project)
end end
def validate_post_request def validate_post_request
if @request.path_info.end_with?('git-upload-pack') if @request.path_info.end_with?('git-upload-pack')
can?(user, :download_code, project) project.public || can?(user, :download_code, project)
elsif @request.path_info.end_with?('git-receive-pack') elsif @request.path_info.end_with?('git-receive-pack')
action = if project.protected_branch?(current_ref) action = if project.protected_branch?(current_ref)
:push_code_to_protected_branches :push_code_to_protected_branches
@ -72,6 +84,22 @@ module Grack
/refs\/heads\/([\w\.-]+)/.match(input).to_a.first /refs\/heads\/([\w\.-]+)/.match(input).to_a.first
end end
def project
unless instance_variable_defined? :@project
# Find project by PATH_INFO from env
if m = /^\/([\w\.\/-]+)\.git/.match(@request.path_info).to_a
@project = Project.find_with_namespace(m.last)
end
end
return @project
end
PLAIN_TYPE = {"Content-Type" => "text/plain"}
def render_not_found
[404, PLAIN_TYPE, ["Not Found"]]
end
protected protected
def abilities def abilities