diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-10-24 18:17:22 +0400 |
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-10-24 18:17:22 +0400 |
| commit | 0542261437fd9df7539fe480069449b566057300 (patch) | |
| tree | feca4cbcd39cc1144285f41179f5922e3c0dc13b /lib | |
| parent | 71f92d453926085ddf02216cfddbb6de3e6bb72f (diff) | |
Allow git clone with http for GitLab CI service:
If you enable GitLab CI for project you will be able to clone project
source code with next command:
git clone http://gitlab-ci-token:XXXXXXXXXXXX@host:project.git
Requires for GitLab CI 4.0
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/gitlab/backend/grack_auth.rb | 29 |
1 files changed, 21 insertions, 8 deletions
diff --git a/lib/gitlab/backend/grack_auth.rb b/lib/gitlab/backend/grack_auth.rb index c522e0a413b..e09cf311972 100644 --- a/lib/gitlab/backend/grack_auth.rb +++ b/lib/gitlab/backend/grack_auth.rb @@ -38,6 +38,16 @@ module Grack # Authentication with username and password login, password = @auth.credentials + # Allow authentication for GitLab CI service + # if valid token passed + if login == "gitlab-ci-token" && project.gitlab_ci? + token = project.gitlab_ci_service.token + + if token.present? && token == password && service_name == 'git-upload-pack' + return @app.call(env) + end + end + @user = authenticate_user(login, password) if @user @@ -59,14 +69,7 @@ module Grack end def authorized_git_request? - # Git upload and receive - if @request.get? - authorize_request(@request.params['service']) - elsif @request.post? - authorize_request(File.basename(@request.path)) - else - false - end + authorize_request(service_name) end def authenticate_user(login, password) @@ -91,6 +94,16 @@ module Grack end end + def service_name + if @request.get? + @request.params['service'] + elsif @request.post? + File.basename(@request.path) + else + nil + end + end + def project @project ||= project_by_path(@request.path_info) end |