8c2172f215
Move push size check to EE module
...
# Conflicts:
# ee/lib/ee/gitlab/git_access.rb
# lib/gitlab/git_access.rb
2019-01-02 15:31:33 +01:00
3a0ae96c0e
Don't run single change checks when changes are unknown
...
When the `changes` passed to `GitAccess` are the literal string `_any`,
which indicates that this is a pre-authorization check, we now check
whether the user can push to any branch in the project in question,
instead of running the per-change check with `oldrev` `_any`, `newrev`
`nil`, and `ref` `nil`.
2019-01-02 15:31:32 +01:00
551e84c2cb
Skip change access check for deploy keys
2019-01-02 15:31:32 +01:00
55723c223f
Move magic '_any' string to constant
2019-01-02 15:31:31 +01:00
e0225aea1b
Iterating through commit list times out
...
Validating each commit on ChangeAccess times out if
it already took too long to complete.
Improves the TimedLogger specs to not make use of a stubbed
class anymore
2018-10-25 10:52:03 +01:00
cb5f4d0cad
Refactors TimedLogger to be more OOP compliant
...
Adds a #full_message method so that external classes
do not have access to the state of the logger.
Adds a #append_message to always append to the array in-place
2018-10-25 10:10:46 +01:00
084a8b6101
Adds tracing messages for slow git pushes
...
Whenever a git push takes more than 50 seconds the user
will receive a trace from each check performed along with
their timings
2018-10-25 10:10:45 +01:00
c858f70d07
Enable frozen string for lib/gitlab/*.rb
2018-10-22 07:00:50 +00:00
67cdb1d1be
Fix SpaceInsidePercentLiteralDelimiters cop
2018-09-20 21:54:14 +05:00
90f67306ab
Remove Gitlab::GitAccess#authed_via_jwt?
...
Previously overridden in EE but no longer required.
2018-09-08 14:43:24 +10:00
4fac214b5d
Update /api/v4/allowed
...
- Use proper HTTP codes for /api/v4/allowed response
- CustomAction support
2018-09-06 18:39:24 +10:00
c27a5d2344
GitAccess#check custom action support
...
- if #check_custom_action!(cmd) returns something, return from #check()
- now returns :Gitlab::GitAccessResult::Success.new instead of true
2018-09-06 18:38:19 +10:00
b2103cb431
Allow auth via JWT (always false in CE)
2018-08-14 15:56:44 +10:00
b98bff13de
Backport some changes from EE
2018-07-09 12:32:37 -05:00
e0768a9bcb
Allow triggered builds git access
...
Allow builds that have been triggered by a user before terms were
enforced access to git. That way the builds can complete as usual.
2018-05-11 15:20:11 +02:00
f7f13f9db0
Block access to API & git when terms are enforced
...
When terms are enforced, but the user has not accepted the terms
access to the API & git is rejected with a message directing the user
to the web app to accept the terms.
2018-05-10 17:02:27 +02:00
72220a99d1
Support Deploy Tokens properly without hacking abilities
2018-04-06 21:20:16 -05:00
370fc05da7
Implement 'read_repo' for DeployTokens
...
This will allow to download a repo using the token from the DeployToken
2018-04-06 21:20:16 -05:00
a18eea8c32
Automatically cleanup stale worktrees and lock files upon a push
...
git 2.16 will fail badly if there are stale worktrees.
Closes #44115
2018-04-06 08:17:07 -07:00
edcba1aa27
Allow HTTP(s) when git request is made by GitLab CI
2018-04-05 12:35:12 +02:00
869b7b31cf
Merge branch 'dm-deploy-keys-default-user' into 'master'
...
Ensure hooks run when a deploy key without a user pushes
Closes #44317
See merge request gitlab-org/gitlab-ce!18057
2018-03-29 09:30:10 +00:00
7bca902a23
Fall back on ghost user when deploy key user is not set
2018-03-28 18:54:15 +02:00
ce69419a60
Remove permanent redirects
...
Removes permanent redirects, this means that redirects will only be
possible as long as the old route isn't taken by a new project/group.
2018-03-28 14:12:08 +02:00
4be20ba923
Respond 404 when repo does not exist
2018-02-24 16:22:29 -08:00
ea18e1bf28
Fix repo existence check in GitAccessWiki
2018-02-22 00:20:30 +00:00
c88fe70f90
Only check LFS integrity for first branch in push
2018-02-15 01:57:55 +00:00
8b4280cb25
Check ability ability before proceeding with project specific checks
2018-02-06 18:38:10 +00:00
1e56b3f476
Moves project creationg to git access check for git push
2018-02-06 16:52:29 +00:00
839829a778
Adds documentation for the feature
2018-02-06 13:35:35 +00:00
dc229c076c
Abstracts ProjectMoved and ProjectCreated into a BaseProject
2018-02-06 13:35:35 +00:00
e42a548f1d
Move new project on push logic to a service
2018-02-06 13:35:35 +00:00
bc78ae6985
Add specs
2018-02-06 13:35:35 +00:00
32b2ff2601
Adds remote messsage when project is created in a push over SSH or HTTP
2018-02-06 13:35:35 +00:00
35882e681b
Adds option to push over SSH to create a new project
2018-02-06 13:35:35 +00:00
921d2afc69
Adds option to push over HTTP to create a new project
2018-02-06 13:35:35 +00:00
562fb460b8
Allow git pull/push on project redirects
2017-12-08 17:42:43 +00:00
7af56500a1
refactor code to match EE changes
2017-12-07 17:13:40 +01:00
a64601b929
Move all rugged operation for ff_merge inside Gitlab::Git
...
We also delete some unused code related to the aforementioned feature.
2017-10-24 14:31:52 -03:00
d13669716a
Create idea of read-only database
...
In GitLab EE, a GitLab instance can be read-only (e.g. when it's a Geo
secondary node). But in GitLab CE it also might be useful to have the
"read-only" idea around. So port it back to GitLab CE.
Also having the principle of read-only in GitLab CE would hopefully
lead to less errors introduced, doing write operations when there
aren't allowed for read-only calls.
Closes gitlab-org/gitlab-ce#37534 .
2017-10-06 22:37:40 +02:00
38607b48b6
[Backported from EE] Readonly flag for Projects
...
This is used in EE for the storage migration, and we want to use this
in CE as well to be able to migrate projects to hashed_storage.
2017-09-28 13:20:11 +01:00
b84ca08e35
Address review comments
2017-08-30 20:50:44 +01:00
b0f982fbdf
Add settings for minimum key strength and allowed key type
...
This is an amalgamation of:
* Cory Hinshaw: Initial implementation !5552
* Rémy Coutable: Updates !9350
* Nick Thomas: Resolve conflicts and add ED25519 support !13712
2017-08-30 20:50:44 +01:00
5b37f21bf2
Reduce duplication in GitAccess spec around error messages
...
- Adds a new `ProjectMovedError` class to encapsulate that error
condition. Inherits from `NotFoundError` so existing rescues should
continue to work.
- Separating that condition out of `NotFoundError` allowed us to
simplify the `raise_not_found` helper and avoid repeating the literal
string.
- Spec makes use of `ERROR_MESSAGES` hash to avoid repeating literal
error message strings.
2017-08-18 15:16:54 -04:00
af784cc6e2
Add “Project moved” error to Git-over-SSH
2017-06-16 14:14:19 -07:00
d7eee7332b
Extract and memoize `user_access`
...
Because it is sometimes never used.
2017-06-05 05:32:26 -07:00
0e3cfc75a3
Remove GitAccessStatus (no longer needed)
2017-06-05 05:32:26 -07:00
0a0f66c816
Refactor to remove a special case
2017-06-05 05:32:26 -07:00
7d469cf1c1
Fix would-be regression
...
57e3e942de
2017-06-05 05:32:26 -07:00
e8972c1190
Clarify error messages
...
And refactor to self-document a little better.
2017-06-05 05:32:26 -07:00
23d37382da
Refactor to let GitAccess errors bubble up
...
No external behavior change.
This allows `GitHttpController` to set the HTTP status based on the type of error. Alternatively, we could have added an attribute to GitAccessStatus, but this pattern seemed appropriate.
2017-06-05 05:32:26 -07:00
Douwe Maan
Tiago Botelho
gfyoung
Semyon Pupkov
Ash McKenzie
Rubén Dávila
Bob Van Landuyt
Kamil Trzciński
Mayra Cabrera
Stan Hu
Tomasz Maczukin
Sean McGivern
Michael Kozono
Jacob Vosmaer (GitLab)
James Edwards-Jones
James Lopez
Alejandro Rodríguez
Toon Claes
Gabriel Mazetto
Nick Thomas
Robert Speicher