author | Patricio Cano <suprnova32@gmail.com> | 2016-06-21 04:40:56 +0300 |
---|---|---|
committer | Patricio Cano <suprnova32@gmail.com> | 2016-07-06 00:54:22 +0300 |
commit | 7735ef86f0714a5b2a4cb4db8ec0471654563885 (patch) | |
tree | 5f56b0348da8870736339150b669069f84e43fd1 /app | |
parent | ea9d910c8bd2774cf48a5b6092704143a7505011 (diff) |
Only allow Git Access on the allowed protocol
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/projects/git_http_controller.rb | 2 | ||||
-rw-r--r-- | app/helpers/application_settings_helper.rb | 4 | ||||
-rw-r--r-- | app/helpers/button_helper.rb | 8 | ||||
-rw-r--r-- | app/models/application_setting.rb | 3 |
4 files changed, 9 insertions, 8 deletions
diff --git a/app/controllers/projects/git_http_controller.rb b/app/controllers/projects/git_http_controller.rb
index 62c3fa8de53..79a7e61e3fe 100644
--- a/app/controllers/projects/git_http_controller.rb
+++ b/app/controllers/projects/git_http_controller.rb
@@ -162,7 +162,7 @@ class Projects::GitHttpController < Projects::ApplicationController
 return false unless Gitlab.config.gitlab_shell.upload_pack
 if user
- Gitlab::GitAccess.new(user, project).download_access_check.allowed?
+ Gitlab::GitAccess.new(user, project, 'http').download_access_check.allowed?
 else
 ci? || project.public?
 end
diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb
index 4cbb7c54cb7..19403388dc6 100644
--- a/app/helpers/application_settings_helper.rb
+++ b/app/helpers/application_settings_helper.rb
@@ -47,9 +47,9 @@ module ApplicationSettingsHelper
 def enabled_project_tooltip(project, protocol)
 case protocol
 when 'ssh'
- sanitize_clone_button(ssh_clone_button(project))
+ sanitize_clone_button(ssh_clone_button(project, 'bottom'))
 else
- sanitize_clone_button(http_clone_button(project))
+ sanitize_clone_button(http_clone_button(project, 'bottom'))
 end
 end
diff --git a/app/helpers/button_helper.rb b/app/helpers/button_helper.rb
index 9051a493b9b..a64e96eaec9 100644
--- a/app/helpers/button_helper.rb
+++ b/app/helpers/button_helper.rb
@@ -40,7 +40,7 @@ module ButtonHelper
 type: :button
 end
- def http_clone_button(project)
+ def http_clone_button(project, placement = 'right')
 klass = 'http-selector'
 klass << ' has-tooltip' if current_user.try(:require_password?)
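Review bot: The `else` branch in the git_http_controller.rb hunk still answers `ci? || project.public?` without going through `Gitlab::GitAccess`, so the `'http'` argument added on the authenticated path never reaches anonymous or CI clones. If HTTP is removed from `enabled_git_access_protocols`, a public project would presumably still be fetchable over HTTP; GitAccess itself is not part of this view (the diffstat is limited to `app`), so confirm this against its protocol check. Apply the protocol check ahead of the `if user` split so both branches share it, or at least record the gap with `# anonymous/CI requests skip GitAccess; the enabled-protocol setting is not enforced on this branch`. The enclosing method begins and ends outside the hunk, and the push-side check in this controller is not shown.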
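Review bot: The new `placement` argument on `http_clone_button` is undocumented and is passed through unchecked into the tooltip's `data` hash in the following hunk; `ssh_clone_button` gets the same parameter with the same gap. A short comment above each helper, such as `# placement: tooltip side forwarded to data-placement; defaults to 'right', enabled_project_tooltip passes 'bottom'`, would tell callers which values are expected. Both method bodies continue outside their hunks.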
@@ -51,13 +51,13 @@ module ButtonHelper
 href: project.http_url_to_repo,
 data: {
 html: true,
- placement: 'right',
+ placement: placement,
 container: 'body',
 title: "Set a password on your account<br>to pull or push via #{protocol}"
 }
 end
- def ssh_clone_button(project)
+ def ssh_clone_button(project, placement = 'right')
 klass = 'ssh-selector'
 klass << ' has-tooltip' if current_user.try(:require_ssh_key?)
@@ -66,7 +66,7 @@ module ButtonHelper
 href: project.ssh_url_to_repo,
 data: {
 html: true,
- placement: 'right',
+ placement: placement,
 container: 'body',
 title: 'Add an SSH key to your profile<br>to pull or push via SSH.'
 }
diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb
index 7d0114fc549..314e69fa8b6 100644
--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -59,7 +59,8 @@ class ApplicationSetting < ActiveRecord::Base
 presence: true,
 inclusion: { in: ->(_object) { Gitlab.config.repositories.storages.keys } }
- validates_inclusion_of :enabled_git_access_protocols, in: %w(ssh http), allow_blank: true, allow_nil: true
+ validates :enabled_git_access_protocols,
+ inclusion: { in: %w(ssh http), allow_blank: true, allow_nil: true }
 validates_each :restricted_visibility_levels do |record, attr, value|
 unless value.nil? |
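Review bot: A blank `enabled_git_access_protocols` passes the new `inclusion` validation in application_setting.rb, but nothing here states what blank means for enforcement. Presumably it leaves both protocols enabled; a comment such as `# blank = no restriction, both SSH and HTTP are allowed` would stop a later change from reading it as deny-all. `allow_blank: true` already accepts `nil`, so the line can be reduced to `inclusion: { in: %w(ssh http), allow_blank: true }`. The `'http'` literal passed in git_http_controller.rb repeats a value from this list, so a shared constant would keep the two from drifting apart.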