BigW Consortium Gitlab
Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gitlab-ce
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Forest Godfrey
gitlab-ce
Commits
5fe06d73
Commit
5fe06d73
authored
Mar 24, 2016
by
Jacob Vosmaer
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add some upload specs
parent
5f370841
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
89 additions
and
10 deletions
+89
-10
git_http_controller.rb
app/controllers/projects/git_http_controller.rb
+29
-7
git_http_spec.rb
spec/requests/git_http_spec.rb
+60
-3
No files found.
app/controllers/projects/git_http_controller.rb
View file @
5fe06d73
...
@@ -5,10 +5,12 @@ class Projects::GitHttpController < Projects::ApplicationController
...
@@ -5,10 +5,12 @@ class Projects::GitHttpController < Projects::ApplicationController
def
git_rpc
def
git_rpc
if
upload_pack?
&&
upload_pack_allowed?
if
upload_pack?
&&
upload_pack_allowed?
render_ok
and
return
render_ok
elsif
receive_pack?
&&
receive_pack_allowed?
render_ok
else
render_not_found
end
end
render_not_found
end
end
%i{info_refs git_receive_pack git_upload_pack}
.
each
do
|
method
|
%i{info_refs git_receive_pack git_upload_pack}
.
each
do
|
method
|
...
@@ -30,7 +32,7 @@ class Projects::GitHttpController < Projects::ApplicationController
...
@@ -30,7 +32,7 @@ class Projects::GitHttpController < Projects::ApplicationController
end
end
def
project_found?
def
project_found?
render_not_found
if
project
.
nil
?
render_not_found
if
project
.
blank
?
end
end
def
ci_request?
(
login
,
password
)
def
ci_request?
(
login
,
password
)
...
@@ -124,13 +126,21 @@ class Projects::GitHttpController < Projects::ApplicationController
...
@@ -124,13 +126,21 @@ class Projects::GitHttpController < Projects::ApplicationController
end
end
def
upload_pack?
def
upload_pack?
rpc
==
'git-upload-pack'
end
def
receive_pack?
rpc
==
'git-receive-pack'
end
def
rpc
if
action_name
==
'info_refs'
if
action_name
==
'info_refs'
params
[
:service
]
==
'git-upload-pack'
params
[
:service
]
else
else
action_name
==
'git_upload_pack'
action_name
.
gsub
(
'_'
,
'-'
)
end
end
end
end
def
render_ok
def
render_ok
render
json:
{
render
json:
{
'GL_ID'
=>
Gitlab
::
ShellEnv
.
gl_id
(
@user
),
'GL_ID'
=>
Gitlab
::
ShellEnv
.
gl_id
(
@user
),
...
@@ -164,4 +174,16 @@ class Projects::GitHttpController < Projects::ApplicationController
...
@@ -164,4 +174,16 @@ class Projects::GitHttpController < Projects::ApplicationController
false
false
end
end
end
end
def
receive_pack_allowed?
if
!
Gitlab
.
config
.
gitlab_shell
.
receive_pack
false
elsif
user
# Skip user authorization on upload request.
# It will be done by the pre-receive hook in the repository.
true
else
false
end
end
end
end
spec/requests/git_http_spec.rb
View file @
5fe06d73
...
@@ -61,12 +61,38 @@ describe 'Git HTTP requests', lib: true do
...
@@ -61,12 +61,38 @@ describe 'Git HTTP requests', lib: true do
project
.
update_attribute
(
:visibility_level
,
Project
::
PUBLIC
)
project
.
update_attribute
(
:visibility_level
,
Project
::
PUBLIC
)
end
end
it
"
responds with
status 200"
do
it
"
downloads get
status 200"
do
download
(
path
,
env
)
do
|
response
|
download
(
path
,
env
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
200
)
expect
(
response
.
status
).
to
eq
(
200
)
end
end
end
end
it
"uploads get status 401"
do
upload
(
path
,
env
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
401
)
end
end
context
"with correct credentials"
do
let
(
:env
)
{
{
user:
user
.
username
,
password:
user
.
password
}
}
it
"uploads get status 200 (because Git hooks do the real check)"
do
upload
(
path
,
env
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
200
)
end
end
context
'but git-receive-pack is disabled'
do
it
"responds with status 404"
do
allow
(
Gitlab
.
config
.
gitlab_shell
).
to
receive
(
:receive_pack
).
and_return
(
false
)
upload
(
path
,
env
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
404
)
end
end
end
end
context
'but git-upload-pack is disabled'
do
context
'but git-upload-pack is disabled'
do
it
"responds with status 404"
do
it
"responds with status 404"
do
allow
(
Gitlab
.
config
.
gitlab_shell
).
to
receive
(
:upload_pack
).
and_return
(
false
)
allow
(
Gitlab
.
config
.
gitlab_shell
).
to
receive
(
:upload_pack
).
and_return
(
false
)
...
@@ -133,13 +159,19 @@ describe 'Git HTTP requests', lib: true do
...
@@ -133,13 +159,19 @@ describe 'Git HTTP requests', lib: true do
end
end
context
"when the user isn't blocked"
do
context
"when the user isn't blocked"
do
it
"
responds with
status 200"
do
it
"
downloads
status 200"
do
expect
(
Rack
::
Attack
::
Allow2Ban
).
to
receive
(
:reset
)
expect
(
Rack
::
Attack
::
Allow2Ban
).
to
receive
(
:reset
)
clone_get
(
path
,
env
)
clone_get
(
path
,
env
)
expect
(
response
.
status
).
to
eq
(
200
)
expect
(
response
.
status
).
to
eq
(
200
)
end
end
it
"uploads get status 200"
do
upload
(
path
,
env
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
200
)
end
end
end
end
context
"when blank password attempts follow a valid login"
do
context
"when blank password attempts follow a valid login"
do
...
@@ -174,11 +206,17 @@ describe 'Git HTTP requests', lib: true do
...
@@ -174,11 +206,17 @@ describe 'Git HTTP requests', lib: true do
end
end
context
"when the user doesn't have access to the project"
do
context
"when the user doesn't have access to the project"
do
it
"
responds with
status 404"
do
it
"
downloads get
status 404"
do
download
(
path
,
user:
user
.
username
,
password:
user
.
password
)
do
|
response
|
download
(
path
,
user:
user
.
username
,
password:
user
.
password
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
404
)
expect
(
response
.
status
).
to
eq
(
404
)
end
end
end
end
it
"uploads get status 200 (because Git hooks do the real check)"
do
upload
(
path
,
user:
user
.
username
,
password:
user
.
password
)
do
|
response
|
expect
(
response
.
status
).
to
eq
(
200
)
end
end
end
end
end
end
end
end
...
@@ -196,6 +234,7 @@ describe 'Git HTTP requests', lib: true do
...
@@ -196,6 +234,7 @@ describe 'Git HTTP requests', lib: true do
end
end
end
end
end
end
def
clone_get
(
project
,
options
=
{})
def
clone_get
(
project
,
options
=
{})
get
"/
#{
project
}
/info/refs"
,
{
service:
'git-upload-pack'
},
auth_env
(
*
options
.
values_at
(
:user
,
:password
))
get
"/
#{
project
}
/info/refs"
,
{
service:
'git-upload-pack'
},
auth_env
(
*
options
.
values_at
(
:user
,
:password
))
end
end
...
@@ -204,6 +243,14 @@ describe 'Git HTTP requests', lib: true do
...
@@ -204,6 +243,14 @@ describe 'Git HTTP requests', lib: true do
post
"/
#{
project
}
/git-upload-pack"
,
{},
auth_env
(
*
options
.
values_at
(
:user
,
:password
))
post
"/
#{
project
}
/git-upload-pack"
,
{},
auth_env
(
*
options
.
values_at
(
:user
,
:password
))
end
end
def
push_get
(
project
,
options
=
{})
get
"/
#{
project
}
/info/refs"
,
{
service:
'git-receive-pack'
},
auth_env
(
*
options
.
values_at
(
:user
,
:password
))
end
def
push_post
(
project
,
options
=
{})
post
"/
#{
project
}
/git-receive-pack"
,
{},
auth_env
(
*
options
.
values_at
(
:user
,
:password
))
end
def
download
(
project
,
user:
nil
,
password:
nil
)
def
download
(
project
,
user:
nil
,
password:
nil
)
args
=
[
project
,
{
user:
user
,
password:
password
}]
args
=
[
project
,
{
user:
user
,
password:
password
}]
...
@@ -214,6 +261,16 @@ describe 'Git HTTP requests', lib: true do
...
@@ -214,6 +261,16 @@ describe 'Git HTTP requests', lib: true do
yield
response
yield
response
end
end
def
upload
(
project
,
user:
nil
,
password:
nil
)
args
=
[
project
,
{
user:
user
,
password:
password
}]
push_get
*
args
yield
response
push_post
*
args
yield
response
end
def
auth_env
(
user
,
password
)
def
auth_env
(
user
,
password
)
if
user
&&
password
if
user
&&
password
{
'HTTP_AUTHORIZATION'
=>
ActionController
::
HttpAuthentication
::
Basic
.
encode_credentials
(
user
,
password
)
}
{
'HTTP_AUTHORIZATION'
=>
ActionController
::
HttpAuthentication
::
Basic
.
encode_credentials
(
user
,
password
)
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment