BigW Consortium Gitlab

internal.rb 1.97 KB
Newer Older
1
module API
2
  # Internal access API
Dmitriy Zaporozhets committed
3
  class Internal < Grape::API
4 5 6 7

    DOWNLOAD_COMMANDS = %w{ git-upload-pack git-upload-archive }
    PUSH_COMMANDS = %w{ git-receive-pack }

8 9 10 11
    namespace 'internal' do
      #
      # Check if ssh key has access to project code
      #
12 13 14 15 16 17
      # Params:
      #   key_id - SSH Key id
      #   project - project path with namespace
      #   action - git action (git-upload-pack or git-receive-pack)
      #   ref - branch name
      #
18
      get "/allowed" do
19 20 21 22 23 24 25
        # Check for *.wiki repositories.
        # Strip out the .wiki from the pathname before finding the
        # project. This applies the correct project permissions to
        # the wiki repository as well.
        project_path = params[:project]
        project_path.gsub!(/\.wiki/,'') if project_path =~ /\.wiki/

26
        key = Key.find(params[:key_id])
27
        project = Project.find_with_namespace(project_path)
28
        git_cmd = params[:action]
29
        return false unless project
30 31


32
        if key.is_a? DeployKey
33
          key.projects.include?(project) && DOWNLOAD_COMMANDS.include?(git_cmd)
34 35
        else
          user = key.user
36 37 38

          return false if user.blocked?

39
          action = case git_cmd
40
                   when *DOWNLOAD_COMMANDS
41
                     then :download_code
42
                   when *PUSH_COMMANDS
43 44 45 46 47 48
                     then
                     if project.protected_branch?(params[:ref])
                       :push_code_to_protected_branches
                     else
                       :push_code
                     end
49
                   end
Dmitriy Zaporozhets committed
50

51 52
          user.can?(action, project)
        end
53 54 55 56 57 58 59
      end

      #
      # Discover user by ssh key
      #
      get "/discover" do
        key = Key.find(params[:key_id])
60
        present key.user, with: Entities::UserSafe
61
      end
Dmitriy Zaporozhets committed
62 63 64

      get "/check" do
        {
65
          api_version: API.version,
66 67
          gitlab_version: Gitlab::VERSION,
          gitlab_rev: Gitlab::REVISION,
Dmitriy Zaporozhets committed
68 69
        }
      end
Dmitriy Zaporozhets committed
70 71 72 73
    end
  end
end