Add latest changes from gitlab-org/gitlab@master

2 files changed, 13 insertions, 9 deletions

diff --git a/app/controllers/repositories/git_http_client_controller.rb b/app/controllers/repositories/git_http_client_controller.rb
index 76eb7c67205..d03daa406cf 100644
--- a/app/controllers/repositories/git_http_client_controller.rb
+++ b/app/controllers/repositories/git_http_client_controller.rb
@@ -6,7 +6,7 @@ module Repositories
     include KerberosSpnegoHelper
     include Gitlab::Utils::StrongMemoize
 
-    attr_reader :authentication_result, :redirected_path
+    attr_reader :authentication_result, :redirected_path, :container
 
     delegate :actor, :authentication_abilities, to: :authentication_result, allow_nil: true
     delegate :type, to: :authentication_result, allow_nil: true, prefix: :auth_result
@@ -81,7 +81,7 @@ module Repositories
     end
 
     def parse_repo_path
-      @project, @repo_type, @redirected_path = Gitlab::RepoPath.parse("#{params[:namespace_id]}/#{params[:repository_id]}")
+      @container, @project, @repo_type, @redirected_path = Gitlab::RepoPath.parse("#{params[:namespace_id]}/#{params[:repository_id]}")
     end
 
     def render_missing_personal_access_token
@@ -93,7 +93,7 @@ module Repositories
 
     def repository
       strong_memoize(:repository) do
-        repo_type.repository_for(project)
+        repo_type.repository_for(container)
       end
     end
 
@@ -117,7 +117,8 @@ module Repositories
     def http_download_allowed?
       Gitlab::ProtocolAccess.allowed?('http') &&
       download_request? &&
-      project && Guest.can?(:download_code, project)
+      container &&
+      Guest.can?(repo_type.guest_read_ability, container)
     end
   end
 end
diff --git a/app/controllers/repositories/git_http_controller.rb b/app/controllers/repositories/git_http_controller.rb
index 5c2b6089bff..5ce2ed77417 100644
--- a/app/controllers/repositories/git_http_controller.rb
+++ b/app/controllers/repositories/git_http_controller.rb
@@ -84,10 +84,10 @@ module Repositories
     end
 
     def access
-      @access ||= access_klass.new(access_actor, project, 'http',
+      @access ||= access_klass.new(access_actor, container, 'http',
         authentication_abilities: authentication_abilities,
         namespace_path: params[:namespace_id],
-        project_path: project_path,
+        repository_path: repository_path,
         redirected_path: redirected_path,
         auth_result_type: auth_result_type)
     end
@@ -99,15 +99,18 @@ module Repositories
 
     def access_check
       access.check(git_command, Gitlab::GitAccess::ANY)
-      @project ||= access.project
+
+      if repo_type.project? && !container
+        @project = @container = access.project
+      end
     end
 
     def access_klass
       @access_klass ||= repo_type.access_checker_class
     end
 
-    def project_path
-      @project_path ||= params[:repository_id].sub(/\.git$/, '')
+    def repository_path
+      @repository_path ||= params[:repository_id].sub(/\.git$/, '')
     end
 
     def log_user_activity