BigW Consortium Gitlab

internal.rb 1.93 KB
Newer Older
1
module API
2
  # Internal access API
Dmitriy Zaporozhets committed
3
  class Internal < Grape::API
4
    before { authenticate_by_gitlab_shell_token! }
5

6
    namespace 'internal' do
7
      # Check if git command is allowed to project
8
      #
9
      # Params:
10 11
      #   key_id - ssh key id for Git over SSH
      #   user_id - user id for Git over HTTP
12 13 14
      #   project - project path with namespace
      #   action - git action (git-upload-pack or git-receive-pack)
      #   ref - branch name
15
      #   forced_push - forced_push
16
      #
17
      post "/allowed" do
18
        status 200
19
        project_path = params[:project]
20

21 22 23 24
        # Check for *.wiki repositories.
        # Strip out the .wiki from the pathname before finding the
        # project. This applies the correct project permissions to
        # the wiki repository as well.
25
        access =
26 27
          if project_path.end_with?('.wiki')
            project_path.chomp!('.wiki')
28 29 30 31 32
            Gitlab::GitAccessWiki.new
          else
            Gitlab::GitAccess.new
          end

33
        project = Project.find_with_namespace(project_path)
34 35 36 37

        unless project
          return Gitlab::GitAccessStatus.new(false, 'No such project')
        end
38

39
        actor = if params[:key_id]
40
                  Key.find_by(id: params[:key_id])
41
                elsif params[:user_id]
42
                  User.find_by(id: params[:user_id])
43 44
                end

45 46 47
        unless actor
          return Gitlab::GitAccessStatus.new(false, 'No such user or key')
        end
48

49
        access.check(
50 51 52
          actor,
          params[:action],
          project,
53
          params[:changes]
54
        )
55 56 57 58 59 60 61
      end

      #
      # Discover user by ssh key
      #
      get "/discover" do
        key = Key.find(params[:key_id])
62
        present key.user, with: Entities::UserSafe
63
      end
Dmitriy Zaporozhets committed
64 65 66

      get "/check" do
        {
67
          api_version: API.version,
68 69
          gitlab_version: Gitlab::VERSION,
          gitlab_rev: Gitlab::REVISION,
Dmitriy Zaporozhets committed
70 71
        }
      end
Dmitriy Zaporozhets committed
72 73 74
    end
  end
end