67cdb1d1be
Fix SpaceInsidePercentLiteralDelimiters cop
2018-09-20 21:54:14 +05:00
90f67306ab
Remove Gitlab::GitAccess#authed_via_jwt?
...
Previously overridden in EE but no longer required.
2018-09-08 14:43:24 +10:00
4fac214b5d
Update /api/v4/allowed
...
- Use proper HTTP codes for /api/v4/allowed response
- CustomAction support
2018-09-06 18:39:24 +10:00
c27a5d2344
GitAccess#check custom action support
...
- if #check_custom_action!(cmd) returns something, return from #check()
- now returns :Gitlab::GitAccessResult::Success.new instead of true
2018-09-06 18:38:19 +10:00
b2103cb431
Allow auth via JWT (always false in CE)
2018-08-14 15:56:44 +10:00
b98bff13de
Backport some changes from EE
2018-07-09 12:32:37 -05:00
e0768a9bcb
Allow triggered builds git access
...
Allow builds that have been triggered by a user before terms were
enforced access to git. That way the builds can complete as usual.
2018-05-11 15:20:11 +02:00
f7f13f9db0
Block access to API & git when terms are enforced
...
When terms are enforced, but the user has not accepted the terms
access to the API & git is rejected with a message directing the user
to the web app to accept the terms.
2018-05-10 17:02:27 +02:00
72220a99d1
Support Deploy Tokens properly without hacking abilities
2018-04-06 21:20:16 -05:00
370fc05da7
Implement 'read_repo' for DeployTokens
...
This will allow to download a repo using the token from the DeployToken
2018-04-06 21:20:16 -05:00
a18eea8c32
Automatically cleanup stale worktrees and lock files upon a push
...
git 2.16 will fail badly if there are stale worktrees.
Closes #44115
2018-04-06 08:17:07 -07:00
edcba1aa27
Allow HTTP(s) when git request is made by GitLab CI
2018-04-05 12:35:12 +02:00
869b7b31cf
Merge branch 'dm-deploy-keys-default-user' into 'master'
...
Ensure hooks run when a deploy key without a user pushes
Closes #44317
See merge request gitlab-org/gitlab-ce!18057
2018-03-29 09:30:10 +00:00
7bca902a23
Fall back on ghost user when deploy key user is not set
2018-03-28 18:54:15 +02:00
ce69419a60
Remove permanent redirects
...
Removes permanent redirects, this means that redirects will only be
possible as long as the old route isn't taken by a new project/group.
2018-03-28 14:12:08 +02:00
4be20ba923
Respond 404 when repo does not exist
2018-02-24 16:22:29 -08:00
ea18e1bf28
Fix repo existence check in GitAccessWiki
2018-02-22 00:20:30 +00:00
c88fe70f90
Only check LFS integrity for first branch in push
2018-02-15 01:57:55 +00:00
8b4280cb25
Check ability ability before proceeding with project specific checks
2018-02-06 18:38:10 +00:00
1e56b3f476
Moves project creationg to git access check for git push
2018-02-06 16:52:29 +00:00
839829a778
Adds documentation for the feature
2018-02-06 13:35:35 +00:00
dc229c076c
Abstracts ProjectMoved and ProjectCreated into a BaseProject
2018-02-06 13:35:35 +00:00
e42a548f1d
Move new project on push logic to a service
2018-02-06 13:35:35 +00:00
bc78ae6985
Add specs
2018-02-06 13:35:35 +00:00
32b2ff2601
Adds remote messsage when project is created in a push over SSH or HTTP
2018-02-06 13:35:35 +00:00
35882e681b
Adds option to push over SSH to create a new project
2018-02-06 13:35:35 +00:00
921d2afc69
Adds option to push over HTTP to create a new project
2018-02-06 13:35:35 +00:00
562fb460b8
Allow git pull/push on project redirects
2017-12-08 17:42:43 +00:00
7af56500a1
refactor code to match EE changes
2017-12-07 17:13:40 +01:00
a64601b929
Move all rugged operation for ff_merge inside Gitlab::Git
...
We also delete some unused code related to the aforementioned feature.
2017-10-24 14:31:52 -03:00
d13669716a
Create idea of read-only database
...
In GitLab EE, a GitLab instance can be read-only (e.g. when it's a Geo
secondary node). But in GitLab CE it also might be useful to have the
"read-only" idea around. So port it back to GitLab CE.
Also having the principle of read-only in GitLab CE would hopefully
lead to less errors introduced, doing write operations when there
aren't allowed for read-only calls.
Closes gitlab-org/gitlab-ce#37534 .
2017-10-06 22:37:40 +02:00
38607b48b6
[Backported from EE] Readonly flag for Projects
...
This is used in EE for the storage migration, and we want to use this
in CE as well to be able to migrate projects to hashed_storage.
2017-09-28 13:20:11 +01:00
b84ca08e35
Address review comments
2017-08-30 20:50:44 +01:00
b0f982fbdf
Add settings for minimum key strength and allowed key type
...
This is an amalgamation of:
* Cory Hinshaw: Initial implementation !5552
* Rémy Coutable: Updates !9350
* Nick Thomas: Resolve conflicts and add ED25519 support !13712
2017-08-30 20:50:44 +01:00
5b37f21bf2
Reduce duplication in GitAccess spec around error messages
...
- Adds a new `ProjectMovedError` class to encapsulate that error
condition. Inherits from `NotFoundError` so existing rescues should
continue to work.
- Separating that condition out of `NotFoundError` allowed us to
simplify the `raise_not_found` helper and avoid repeating the literal
string.
- Spec makes use of `ERROR_MESSAGES` hash to avoid repeating literal
error message strings.
2017-08-18 15:16:54 -04:00
af784cc6e2
Add “Project moved” error to Git-over-SSH
2017-06-16 14:14:19 -07:00
d7eee7332b
Extract and memoize `user_access`
...
Because it is sometimes never used.
2017-06-05 05:32:26 -07:00
0e3cfc75a3
Remove GitAccessStatus (no longer needed)
2017-06-05 05:32:26 -07:00
0a0f66c816
Refactor to remove a special case
2017-06-05 05:32:26 -07:00
7d469cf1c1
Fix would-be regression
...
57e3e942de
2017-06-05 05:32:26 -07:00
e8972c1190
Clarify error messages
...
And refactor to self-document a little better.
2017-06-05 05:32:26 -07:00
23d37382da
Refactor to let GitAccess errors bubble up
...
No external behavior change.
This allows `GitHttpController` to set the HTTP status based on the type of error. Alternatively, we could have added an attribute to GitAccessStatus, but this pattern seemed appropriate.
2017-06-05 05:32:26 -07:00
bad08fbea2
Move CI access logic into GitAccess
2017-06-05 05:32:26 -07:00
a738a446f4
Check disabled commands in GitAccess instead
2017-06-05 05:32:26 -07:00
ff8a053d5d
Fix Git over HTTP spec
...
* The spec has 7 failures at this point
* Specify rendered error messages
* Render the GitAccess message rather than “Access denied”
* Render the Not Found message provided by GitAccess, instead of a custom one
* Expect GitAccess to check the config for whether Git-over-HTTP pull or push is disabled, rather than doing it in the controller
* Add more thorough testing for authentication
* Dried up a lot of tests
* Fixed some broken tests
2017-06-05 05:32:26 -07:00
3de11e1a00
Don't pass `env` anymore to GitAccess, ChangeAccess, and ForcePush
...
Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-04-10 16:10:18 +02:00
47270e1cfd
Backport changes from gitlab-org/gitlab-ee!1406
2017-03-13 12:31:27 +01:00
b7d8df503c
Enable Style/MutableConstant
2017-02-23 09:31:56 -06:00
c1d11bf57c
Rubocop prefers to indent this way
2016-12-20 23:30:01 +08:00
884f57c910
Use consistent names and move checks to the method,
...
and move those checks to be private. Feedback:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7383#note_20285012
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7383#note_20285279
2016-12-20 21:19:07 +08:00
Semyon Pupkov
Ash McKenzie
Rubén Dávila
Bob Van Landuyt
Kamil Trzciński
Mayra Cabrera
Stan Hu
Tomasz Maczukin
Sean McGivern
Douwe Maan
Michael Kozono
Jacob Vosmaer (GitLab)
James Edwards-Jones
Tiago Botelho
James Lopez
Alejandro Rodríguez
Toon Claes
Gabriel Mazetto
Nick Thomas
Robert Speicher
Rémy Coutable
Adam Niedzielski
Lin Jen-Shin