
Commit 66998f6d by Dmitriy Zaporozhets

Allow non authenticated user access to public projects

parent e894e3ee
......@@ -382,3 +382,8 @@ table {
width: 50px;
min-height: 100px;
}
.navbar-gitlab .navbar-inner .nav > li .btn-sign-in {
@extend .btn-new;
padding: 5px 15px;
}
class Projects::ApplicationController < ApplicationController
before_filter :project
before_filter :repository
layout 'projects'
layout :determine_layout
def authenticate_user!
# Restrict access to Projects area only
# for non-signed users
if !current_user
id = params[:project_id] || params[:id]
@project = Project.find_with_namespace(id)
return if @project && @project.public
end
super
end
def determine_layout
if current_user
'projects'
else
'public'
end
end
end
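Review bot: The early `return` in `authenticate_user!` skips Devise for every action of every controller inheriting from `Projects::ApplicationController` once the project is public, not only for read actions. After that, an anonymous request is presumably stopped only by whatever ability check the individual controller declares, and any action that calls a method on `current_user` will raise on nil. Limiting the bypass to safe requests keeps anonymous access read-only by construction: `return if @project && @project.public && request.get?`. A comment above the method saying that authorization for anonymous visitors is left to the `can?` checks would also help the next reader.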
class ProjectsController < Projects::ApplicationController
skip_before_filter :authenticate_user!, only: [:show]
skip_before_filter :project, only: [:new, :create]
skip_before_filter :repository, only: [:new, :create]
......@@ -54,6 +55,8 @@ class ProjectsController < Projects::ApplicationController
end
def show
return authenticate_user! unless @project.public
limit = (params[:limit] || 20).to_i
@events = @project.events.recent
......@@ -69,8 +72,10 @@ class ProjectsController < Projects::ApplicationController
if @project.empty_repo?
render "projects/empty"
else
@last_push = current_user.recent_push(@project.id)
render :show
if current_user
@last_push = current_user.recent_push(@project.id)
end
render :show, layout: current_user ? "project" : "public"
end
end
format.js
......
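Review bot: In `show`, `return authenticate_user! unless @project.public` also fires for a signed-in user on a private project. `authenticate_user!` passes, and the `return` then leaves the action before `@events` is loaded or the format block runs, so Rails falls back to an implicit render with no data. The guard should apply only to anonymous visitors: `return authenticate_user! unless @project.public || current_user`. Separately, `render :show, layout: current_user ? "project" : "public"` names a `project` layout while `determine_layout` in the parent controller returns `'projects'`; if no `project` layout exists this raises for signed-in users, and the explicit `layout:` looks redundant next to `determine_layout`. The body of `show` is only partly visible in these hunks.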
......@@ -90,6 +90,8 @@ module ApplicationHelper
end
def search_autocomplete_source
return unless current_user
projects = current_user.authorized_projects.map { |p| { label: "project: #{simple_sanitize(p.name_with_namespace)}", url: project_path(p) } }
groups = current_user.authorized_groups.map { |group| { label: "group: #{simple_sanitize(group.name)}", url: group_path(group) } }
......
class Ability
class << self
def allowed(user, subject)
return not_auth_abilities(user, subject) if user.nil?
return [] unless user.kind_of?(User)
return [] if user.blocked?
......@@ -17,6 +18,24 @@ class Ability
end.concat(global_abilities(user))
end
# List of possible abilities
# for non-authenticated user
def not_auth_abilities(user, subject)
project = if subject.kind_of?(Project)
subject
elsif subject.respond_to?(:project)
subject.project
else
nil
end
if project && project.public
public_project_rules
else
[]
end
end
def global_abilities(user)
rules = []
rules << :create_group if user.can_create_group
......@@ -58,19 +77,9 @@ class Ability
end
def public_project_rules
[
project_guest_rules + [
:download_code,
:fork_project,
:read_project,
:read_wiki,
:read_issue,
:read_milestone,
:read_project_snippet,
:read_team_member,
:read_merge_request,
:read_note,
:write_issue,
:write_note
]
end
......
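Review bot: `not_auth_abilities` returns `public_project_rules` to a nil user, and after this change that list is `project_guest_rules` plus `:download_code` and `:fork_project`. The literal list being replaced already carried `:write_issue` and `:write_note`, so `project_guest_rules` (defined outside the visible lines) presumably grants them too. If so, `can?(nil, :write_note, project)` and `can?(nil, :fork_project, project)` would be true on a public project. The views in this commit hide the fork button behind `current_user &&`, but the ability layer should not depend on that. Anonymous callers should get an explicit read-only list, as sketched below.

```ruby
def not_auth_abilities(user, subject)
  # … unchanged: resolve project from subject …
  if project && project.public
    # Read-only subset: no write_* and no fork without a signed-in user
    [
      :read_project,
      :read_wiki,
      :read_issue,
      :read_milestone,
      :read_project_snippet,
      :read_team_member,
      :read_merge_request,
      :read_note,
      :download_code
    ]
  else
    []
  end
end
```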
!!! 5
%html{ lang: "en"}
= render "layouts/head", title: "Public Projects"
%body{class: "#{app_theme} application", :'data-page' => body_data_page}
%body{class: "ui_mars application", :'data-page' => body_data_page}
- if current_user
= render "layouts/head_panel", title: "Public Projects"
- else
......@@ -13,7 +13,12 @@
= link_to public_root_path, class: "home" do
%h1 GITLAB
%span.separator
%h1.project_name Public Projects
%h1.project_name
- if @project
= project_title(@project)
- else
Public Projects
%ul.nav
%li
%a
......@@ -21,8 +26,14 @@
%i.icon-refresh.icon-spin
Loading...
%li
= link_to "Sign in", new_session_path(:user)
= link_to "Sign in", new_session_path(:user), class: 'btn btn-sign-in'
- if @project
%nav.main-nav
.container= render 'layouts/nav/project'
.container.navless-container
.content
= yield
.container
.content= yield
- else
.container.navless-container
.content= yield
......@@ -5,7 +5,7 @@
.span3.pull-right
.pull-right
- unless @project.empty_repo?
- if can?(current_user, :fork_project, @project) && @project.namespace != current_user.namespace
- if current_user && can?(current_user, :fork_project, @project) && @project.namespace != current_user.namespace
- if current_user.already_forked?(@project)
= link_to project_path(current_user.fork_of(@project)), class: 'btn grouped disabled' do
%i.icon-code-fork
......
......@@ -21,7 +21,7 @@
Stats
- if current_controller?(:commits) && current_user.private_token
- if current_user && current_controller?(:commits) && current_user.private_token
%li.pull-right
= link_to project_commits_path(@project, @ref, {format: :atom, private_token: current_user.private_token}), title: "Feed" do
%i.icon-rss
......@@ -5,6 +5,7 @@
= link_to 'Milestones', project_milestones_path(@project), class: "tab"
= nav_link(controller: :labels) do
= link_to 'Labels', project_labels_path(@project), class: "tab"
%li.pull-right
= link_to project_issues_path(@project, :atom, { private_token: current_user.private_token }) do
%i.icon-rss
- if current_user
%li.pull-right
= link_to project_issues_path(@project, :atom, { private_token: current_user.private_token }) do
%i.icon-rss