0aa56d895d
Added write_repository scope for personal access token
2019-04-15 13:05:55 +00:00
2fdda74458
Fall back to project repository type by default
...
This makes sure that we always have a repository type when trying to
parse a repository from a path.
This is needed because sometimes we want to perform access checks as
if the project already existed, for example when creating a project on
push.
Before this we were only doing that when accessing git over http, this
makes sure it also works correctly when accessing git over SSH
2019-04-05 10:51:42 +00:00
d36415b754
Allow multiple repositories per project
...
This changes the repository type from a binary `wiki?` to a type. So
we can have more than 2 repository types.
Now everywhere we called `.wiki?` and expected a boolean, we check
that type.
2019-03-26 13:21:03 +01:00
12ee2753c1
Enable even more frozen string in app/controllers
...
Enables frozen string for some vestigial files as
well as the following:
* app/controllers/projects/**/*.rb
* app/controllers/sherlock/**/*.rb
* app/controllers/snippets/**/*.rb
* app/controllers/users/**/*.rb
Partially addresses #47424 .
2018-09-25 22:43:49 -07:00
4ee08b77bc
Updates from `rubocop -a`
2018-07-09 21:13:08 +08:00
edcba1aa27
Allow HTTP(s) when git request is made by GitLab CI
2018-04-05 12:35:12 +02:00
a1781a4941
Consistently use PersonalAccessToken instead of PersonalToken
2017-11-02 11:39:02 +01:00
5d52bb59dc
Fix username and ID not logging in production_json.log for Git activity
...
Devise sets `current_user`, but not all controllers authenticate users by
session tokens. Try to use the controller-defined `authenticated_user` if
`current_user` is not available.
Closes gitlab-org/gitlab-ee#3611
2017-10-04 11:47:36 -07:00
8ef3bc5d75
Add “Project moved” error to Git-over-HTTP
2017-06-16 14:14:19 -07:00
cb5a5eb892
Instruct user to use a personal access token for Git over HTTP
...
If internal auth is disabled and LDAP is not configured on the instance,
present the user with a message to create a personal access token if his
Git over HTTP auth attempt fails.
2017-06-07 21:12:51 -04:00
bad08fbea2
Move CI access logic into GitAccess
2017-06-05 05:32:26 -07:00
b387429458
Refactor
2017-06-05 05:32:26 -07:00
5c7f9d69e3
Fix code for cops
2017-02-23 09:31:57 -06:00
8a4d68c53e
Enable Style/ConditionalAssignment
2017-02-23 09:31:57 -06:00
a0586dbc16
replace `find_with_namespace` with `find_by_full_path`
...
add complete changelog for !8949
2017-02-03 07:14:04 +07:00
232b401429
Fix access to the wiki code via HTTP when repository feature disabled
2017-01-25 15:38:38 -02:00
4b3c1e56ae
Move LfsHelper to a new LfsRequest concern
...
Also create a new WorkhorseRequest concern
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-11-23 17:28:11 +01:00
b0bf92140f
Merge branch 'fix-unathorized-cloning' into 'security'
...
Ensure external users are not able to clone disabled repositories.
Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23788
See merge request !2017
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-11-09 12:27:17 +01:00
0672c5a92e
Post-merge improve of CI permissions
2016-09-20 15:41:41 +02:00
795acf2e4e
Move logic to check ci? or lfs_deploy_token? to Gitlab::Auth::Result
2016-09-20 11:03:10 +02:00
3c1bb3432b
Revert "Revert all changes introduced by https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6043 "
...
This reverts commit 6d43c95b70
2016-09-19 16:34:32 +02:00
6d43c95b70
Revert all changes introduced by https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6043
2016-09-19 13:45:28 +02:00
2742f9fb98
Improve authentication_result usage
2016-09-16 16:07:21 +02:00
f7ae37c1d0
Simplify checking of allowed abilities in git_http_client_controller
2016-09-16 13:34:05 +02:00
e941365f3b
Rename capabilities to authentication_abilities
2016-09-16 11:12:21 +02:00
ac6412d076
Added builds_spec and git_http_specs
2016-09-15 23:27:01 +02:00
83b643a014
Merge remote-tracking branch 'origin/lfs-support-for-ssh' into per-build-token
...
# Conflicts:
# app/controllers/projects/git_http_client_controller.rb
# app/helpers/lfs_helper.rb
# lib/gitlab/auth.rb
# spec/requests/lfs_http_spec.rb
2016-09-15 21:16:38 +02:00
be09bcf074
Refactored authentication code to make it a bit clearer, added test for wrong SSH key.
2016-09-15 12:21:00 -05:00
de24075ea5
Further refactoring of authentication code, and code style fixes.
2016-09-15 12:21:00 -05:00
71aff7f6a3
Use special characters for `lfs+deploy-key` to prevent a someone from creating a user with this username, and method name refactoring.
2016-09-15 12:21:00 -05:00
c144db2935
Better authentication handling, syntax fixes and better actor handling for LFS Tokens
2016-09-15 12:21:00 -05:00
cb85cf1f0a
Refactor LFS token logic to use a Redis key instead of a DB field, making it a 1 use only token.
2016-09-15 12:21:00 -05:00
e40e3fdc82
Added LFS support to SSH
...
- Required on the GitLab Rails side is mostly authentication and API related.
2016-09-15 12:21:00 -05:00
548169cfb5
Fix most of specs
2016-09-15 15:40:53 +02:00
9d1ccd2ad3
Fix existing authorization specs
2016-09-15 13:49:11 +02:00
571226f166
Make result to return project and capabilities granted
2016-09-13 15:27:05 +02:00
505dc808b3
Use a permissions of user to access all dependent projects from CI jobs (this also includes a container images, and in future LFS files)
2016-09-13 13:30:26 +02:00
c87540ed46
Verify JWT messages from gitlab-workhorse
2016-09-05 15:05:31 +02:00
2f86860a6d
Refactor `find_for_git_client` method to not use assignment in conditionals and syntax fixes.
2016-08-17 17:21:18 -05:00
5f5d8a8e09
Moved 2FA check to `auth.rb` and cleaned up the flow `authenticate_user`
2016-08-16 11:19:00 -05:00
f971026ad3
Added better information about the personal tokens
2016-08-16 11:19:00 -05:00
0f37721b60
2FA check is now done in the main GitHTTPClientController
2016-08-16 11:19:00 -05:00
0d9752446d
Add LFS controllers
2016-07-22 17:54:04 +02:00
Horatiu Eugen Vlad
Bob Van Landuyt
Bob Van Landuyt
gfyoung
Lin Jen-Shin
Tomasz Maczukin
Douwe Maan
Stan Hu
Michael Kozono
Robin Bobbitt
Adam Pahlevi
Douglas Barbosa Alexandre
Rémy Coutable
Douwe Maan
Kamil Trzcinski
Patricio Cano
Jacob Vosmaer