diff options
| author | Rémy Coutable <remy@rymai.me> | 2017-11-08 19:21:41 +0300 |
|---|---|---|
| committer | Winnie Hellmann <winnie@gitlab.com> | 2017-11-10 01:14:26 +0300 |
| commit | 64fb6f7a2d90d43e0c1f732b52d4ca21568cfec2 (patch) | |
| tree | 9817869e4ed30b9ab05480c8b3daa6776148e557 /lib | |
| parent | 8096bca62483b6a3e2779b5976eb0dc6bab8ee9a (diff) | |
Merge branch 'sh-fix-lfs-write-deploy-keys' into 'master'
Fix Error 500 when pushing LFS objects with a write deploy key
Closes #39467
See merge request gitlab-org/gitlab-ce!15039
(cherry picked from commit 07ab4ad60a894d60ac561f9fdbd641fac90b4acc)
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/gitlab/auth.rb | 15 | ||||
| -rw-r--r-- | lib/gitlab/lfs_token.rb | 4 |
2 files changed, 15 insertions, 4 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index 0ad9285c0ea..cbbc51db99e 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -25,7 +25,7 @@ module Gitlab result = service_request_check(login, password, project) || build_access_token_check(login, password) || - lfs_token_check(login, password) || + lfs_token_check(login, password, project) || oauth_access_token_check(login, password) || personal_access_token_check(password) || user_with_password_for_git(login, password) || @@ -146,7 +146,7 @@ module Gitlab end.flatten.uniq end - def lfs_token_check(login, password) + def lfs_token_check(login, password, project) deploy_key_matches = login.match(/\Alfs\+deploy-key-(\d+)\z/) actor = @@ -163,6 +163,8 @@ module Gitlab authentication_abilities = if token_handler.user? full_authentication_abilities + elsif token_handler.deploy_key_pushable?(project) + read_write_authentication_abilities else read_authentication_abilities end @@ -208,10 +210,15 @@ module Gitlab ] end - def full_authentication_abilities + def read_write_authentication_abilities read_authentication_abilities + [ :push_code, - :create_container_image, + :create_container_image + ] + end + + def full_authentication_abilities + read_write_authentication_abilities + [ :admin_container_image ] end diff --git a/lib/gitlab/lfs_token.rb b/lib/gitlab/lfs_token.rb index 8e57ba831c5..ead5d566871 100644 --- a/lib/gitlab/lfs_token.rb +++ b/lib/gitlab/lfs_token.rb @@ -27,6 +27,10 @@ module Gitlab end end + def deploy_key_pushable?(project) + actor.is_a?(DeployKey) && actor.can_push_to?(project) + end + def user? actor.is_a?(User) end |