From 41c87b9a23d7ebf24c3c100a4c261b8d2a68d0ff Mon Sep 17 00:00:00 2001
From: Patricio Cano <suprnova32@gmail.com>
Date: Thu, 23 Jun 2016 17:37:57 -0500
Subject: [PATCH] Return :forbidden if HTTP protocol access is not allowed

---
 app/controllers/projects/git_http_controller.rb | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/app/controllers/projects/git_http_controller.rb b/app/controllers/projects/git_http_controller.rb
index f124333bd5b..072702ec9a2 100644
--- a/app/controllers/projects/git_http_controller.rb
+++ b/app/controllers/projects/git_http_controller.rb
@@ -19,6 +19,8 @@ class Projects::GitHttpController < Projects::ApplicationController
       render_ok
     elsif receive_pack? && receive_pack_allowed?
       render_ok
+    elsif !upload_pack_allowed?
+      render_not_allowed
     else
       render_not_found
     end
@@ -154,6 +156,10 @@ class Projects::GitHttpController < Projects::ApplicationController
     render plain: 'Not Found', status: :not_found
   end
 
+  def render_not_allowed
+    render json: access.to_json, status: :forbidden
+  end
+
   def ci?
     @ci.present?
   end