6912f21e5c
Send GL_ID to gitlab-git-http-server as JSON
2015-07-28 15:55:53 +02:00
ae9e5eea3c
Handle missing @user during Git HTTP requests
2015-07-28 15:17:06 +02:00
d3305df7aa
Experimental support for gitlab-git-http-server
...
https://gitlab.com/gitlab-org/gitlab-git-http-server
This change introduces the GITLAB_GRACK_AUTH_ONLY environment
variable. When set, Grack requests to GitLab will only respond with
the user's GL_ID (if the request is OK) or an error. This allows
gitlab-git-http-server to use the main GitLab application as an
authentication and authorization backend.
If we like how this works we should drop the GITLAB_GRACK_AUTH_ONLY
variable at some point in the future.
2015-07-28 14:33:19 +02:00
a87989fb7d
Remove satellites
2015-07-15 15:45:57 +02:00
555fd0cf4a
Fix downloading of patches on public merge requests when user logged out
...
Closes #1225
Closes #1854
Closes #1858
2015-06-23 05:34:21 -07:00
97ff86e07c
Move repository when project is removed
...
Ths commit does next:
* When we remove project we move repository to path+deleted.git
* Then we schedule removal of path+deleted with sidekiq
* If repository move failed we abort project removal
This should help us with NFS issue when project get removed but
repository stayed. The full explanation of problem is below:
* rm -rf project.git
* rm -rf removes project.git/objects/foo
* NFS server renames foo to foo.nfsXXXX because some NFS client (think
* Unicorn) still has the file open
* rm -rf exits, but project.git/objects/foo.nfsXXX still exists
* Unicorn closes the file, the NFS client closes the file (foo), and the
* NFS server removes foo.nfsXXX
* the directory project.git/objects/ still exists => problem
So now we move repository and even if repository removal failed
Repository directory is moved so no bugs with project removed but
repository directory taken. User still able to create new project with
same name. From administrator perspective you can easily find stalled
repositories by searching `*+deleted.git`
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2015-06-03 13:05:43 +02:00
3b22cfe600
Remove Rack Attack monkey patches and bump to version 4.3.0
2015-05-22 16:25:03 -04:00
f915a4b80f
Warn when gitlab-shell version doesn't match requirement.
2015-04-06 14:02:49 +02:00
8f3f6e9efb
Merge branch 'api-internal-errors' into 'master'
...
Respond with full GitAccess error if user has project read access.
Should help with debugging #1236 .
cc @marin
See merge request !437
2015-03-25 04:16:45 +00:00
4830b2be5e
Refactor GitAccess to use instance variables.
2015-03-24 14:11:48 +01:00
56d87db32c
Reduce Rack Attack false positives by clearing out auth failure count upon
...
successful Git over HTTP authentication.
Add logging when a ban goes into effect for debugging.
Issue #1171
2015-03-24 00:36:46 -07:00
dd37a10df4
Don't leak information about private project existence via Git-over-SSH/HTTP.
2015-03-02 17:52:48 +01:00
d723bf78b8
Fix git-over-http
2015-02-23 10:05:18 -08:00
d04344373b
Rubocop: no trailing newlines
2015-02-02 21:53:27 -08:00
e890582681
Rubocop enabled for: Use spaces inside hash literal braces
2015-02-02 20:36:54 -08:00
54f6d8c7b5
an ability to clone project with oauth2 token
2015-01-28 15:57:31 -08:00
af56c1dd32
White-list requests from 127.0.0.1
...
On some misconfigured GitLab servers, if you look in production.log it looks
like all requests come from 127.0.0.1. To avoid unwanted banning we
white-list 127.0.0.1 with this commit.
2015-01-06 16:56:56 +01:00
c8b2def2be
Add more comments explaining how we block IPs
2014-12-18 11:08:11 +01:00
62ea02740d
Block Git HTTP Basic Auth after 10 failed attempts
2014-12-15 18:57:42 +01:00
53bf52f191
Better message for failed pushes because of git hooks
...
Conflicts:
lib/gitlab/git_access.rb
spec/lib/gitlab/git_access_spec.rb
2014-11-18 13:10:07 +02:00
f36db59d97
Factor GITLAB_SHELL_VERSION get method
2014-11-05 17:16:04 +01:00
0b1084a453
Don't output to stdout from lib non-interactive methods
...
It pollutes the test output too much.
2014-11-05 12:35:33 +01:00
d549a2a525
Factor lib backend gitlab shell path
2014-10-31 13:00:50 +01:00
ce056d8074
Improve grack auth hooks comment.
2014-10-21 12:36:09 +02:00
2e9f5de868
Add parenthesis to function def with arguments.
2014-10-03 09:18:46 +02:00
468b2e8e0b
Added annotated tags. Updated tag haml file and call to gitlab-shell. Updated API for annotated tags. Added tests for API. Strip leading/trailing whitespace from message, if present. Update CHANGELOG.
2014-09-04 09:47:20 -04:00
4535db04b2
Increase import timeout from 2 to 4 minutes
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-08-11 20:58:39 +03:00
5c038d949f
Fix gitlab-ci integration
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-21 23:04:57 +02:00
7dd18a3ec8
Fix http clone for public project
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-21 14:52:30 +02:00
83e83b6617
Improve grack auth
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-20 10:53:03 +02:00
729b358ff2
push via http now served via /allowed API
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-20 10:16:17 +02:00
779fa4a7b7
Use batch_add_keys in `rake gitlab 🐚 setup`
2014-03-14 15:49:11 +01:00
1ad2a93678
Merge pull request #5760 from dermoth/master
...
Fix HTTP push to public repos
2014-01-07 02:47:56 -08:00
843548cc76
Fix HTTP push to public repos
...
When doing an HTTP push, git (as of v1.7.9) first do an info/refs
request, and only if this request requires authentication it asks the
user for its password and authenticates further requests.
The initial request normally clears without auth on public repos as it
doesn't update any ref. This patch forces every git-receive-pack
requests to provide authentication.
2013-12-16 12:39:54 -05:00
49a26eaece
Fix project lookup for git over http + rails4
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-12-10 12:11:27 +02:00
f1c82bc56c
Add gitlab-shell#path option in config
...
Before this commit gitlab-shell but me placed directly in home dir.
Ex:
/home/git/gitlab-shell
After this change you can place gitlab-shell in custom location.
Ex:
/Users/developer/gitlab/gitlab-shell
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-12-09 19:32:37 +02:00
d9bb4230cc
Adding authenticated public mode (internal).
...
Added visibility_level icons to project view (rather than just text).
Added public projects to search results.
Added ability to restrict visibility levels standard users can set.
2013-11-26 22:22:07 -06:00
51ae88c4e4
Improve refs parsing for git over http
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-11-22 12:55:20 +02:00
06feb3c442
Cleanup parsed refs for git over HTTP
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-11-22 12:41:55 +02:00
b07c02eb13
Add more info to admin dashboard
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-11-20 13:41:41 +02:00
182aa19e26
Parse all refs when do push via HTTP and check permissions for all of them
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-11-20 11:06:19 +02:00
592d1fabd6
Revert "Escape strings"
...
This reverts commit ce75f46bf7
2013-11-01 16:29:28 +02:00
482a39abb0
Revert "Best to escape strings not split them"
...
This reverts commit aca7f56fef
2013-11-01 16:25:06 +02:00
aca7f56fef
Best to escape strings not split them
...
Signed-off-by: Nigel Kukard <nkukard@lbsd.net>
2013-10-31 07:34:11 +00:00
ce75f46bf7
Escape strings
...
Signed-off-by: Nigel Kukard <nkukard@lbsd.net>
2013-10-29 18:06:10 +00:00
0542261437
Allow git clone with http for GitLab CI service:
...
If you enable GitLab CI for project you will be able to clone project
source code with next command:
git clone http://gitlab-ci-token:XXXXXXXXXXXX@host:project.git
Requires for GitLab CI 4.0
2013-10-24 17:17:22 +03:00
7dfb2b6379
Remove include of grack_ldap
2013-09-02 23:52:58 +03:00
71abf70458
Move ldap auth to LDAP::User. Removed unused code
2013-09-02 23:50:45 +03:00
48ce80a60c
Fix issue when developers are able to push to protected branch
...
When that branch contain a '/' in the branch name.
Fix for git over HTTP
2013-08-26 12:54:57 +03:00
39d8a64d25
Fixes grack authentification under relative_url_root
...
Ref: e6159b8725https://github.com/gitlabhq/gitlabhq/pull/3204
Ref: https://github.com/gitlabhq/gitlabhq/issues/1228
Add Rails' variable in application.rb to support relative url
This variable is used by assets compilation and other modules.
Note that user needs to change application.rb too
Restrict session cookie to the relative path if set.
Ref: 2c2f1e3185161afda3fa
2013-08-15 21:25:09 +02:00
cd19f82e51
Fix typos
2013-07-29 12:47:06 +02:00
475f607a22
Use gitlab-shell authorized_keys truncation. Fix issue with authorized_keys stored in different location
2013-07-18 13:55:01 +03:00
132caae734
Move repo tags to own controller. add ability to remove tags
2013-07-16 23:12:52 +03:00
a466b2175a
Add create_branch, rm_branch methods to Gitlab::Shell class
2013-07-16 22:18:14 +03:00
559e83d300
Add LDAP support to /api/session
2013-07-16 11:28:19 +03:00
5181816970
Merge branch 'master' into 6-0-dev
2013-07-12 14:42:35 +03:00
2c7b0d5a46
fix bug when project named: mediawiki
...
mediawiki.wiki.git
mediawiki.git
/.wiki$/ match awiki, so when your project named mediawiki
it will be find project named: "medi"
use /\.wiki$/ fix this bug
2013-07-06 09:31:56 +08:00
58427749fd
Update repository head when change default project branch
2013-06-25 17:05:39 +03:00
b4e8fea274
Refactor grack auth module. Add git over http wiki support
2013-06-14 14:42:55 +03:00
63c6f30aba
Fix ldap auth for http push
2013-05-24 20:36:28 +03:00
ba21546a58
System calls were using unsanitized user input
2013-05-12 09:11:09 -05:00
f40d4e6685
Merge pull request #3597 from amacarthur/fork-pull-request
...
updated fork feature to use gitlab-shell for v5 of gitlab
2013-05-02 23:41:07 -07:00
f1c9b05868
better fix for encoding error
2013-05-03 11:31:23 +08:00
4e055e8a63
fix: UTF-8 encoding error
2013-05-03 10:58:53 +08:00
ef61d1f200
fix http push 401
2013-05-03 10:58:53 +08:00
20a88f5c43
LDAP authentication in grack - check ldap conf before call / added comment
2013-04-29 22:26:03 +02:00
228baa80b2
LDAP Authentification with grack for https push - fixed password check
2013-04-27 23:31:48 +02:00
ae33fdf297
updated fork feature to use gitlab-shell for v5 of gitlab
2013-04-15 01:54:52 -04:00
c4299bb45a
Move directory logic out of model. Use Gitlab:Shell class to interact with file system
2013-03-21 22:11:08 +02:00
0103363191
replace Gitolited mixin with Gitlab::ShellAdapter
2013-03-21 21:01:14 +02:00
59b36f2032
Use gitlab-shell to move repos. Requires gitlab-shell v1.1.0
2013-03-12 12:37:53 +02:00
4bc7d98d65
Remove hardcoded refernce to gitlab-shell home. so that gitlab can be installed on any unix account other than git
2013-02-14 23:10:18 +00:00
c9ca15e8d6
require missing lib
2013-02-14 15:25:55 +02:00
49cf9badbc
Gitlab::ShellEnv added
2013-02-14 15:17:43 +02:00
b698094d4d
Update post-receive worker to use correct identifier
2013-02-14 14:00:02 +02:00
2a1fac9e4f
add import repo gitlab_shell call
2013-02-11 19:41:02 +02:00
d64090b8a9
No gitolite in project any more
2013-02-11 19:16:59 +02:00
39e37677f2
add remove keys from gitlab-shell by id
2013-02-05 11:12:15 +02:00
081c272b85
Remove outdated specs and fixed key remove
2013-02-05 10:15:49 +02:00
27d9ac0fe8
Make gitlab works with gitlab-shell
2013-02-04 15:07:56 +02:00
6b9a609044
preparing for gitlab-shell
2013-02-04 14:28:10 +02:00
299a9a1040
keys to gitolite via sidekiq now
2013-01-28 21:02:10 +02:00
8b54b7233e
Async perform for add/remove team members
2013-01-28 17:39:02 +02:00
1c5876eb7b
Do gitolite calls async. Remove satellite with project remove
2013-01-28 17:22:45 +02:00
2812e6f1f5
Fix removeing project if repo not exists
2013-01-25 13:47:54 +02:00
d770714578
Use subproccess instead subshell for git calls
2013-01-22 10:35:58 +02:00
cb96cc030a
Uncomment forgotten code
2013-01-19 13:57:50 +02:00
54a24608a2
Remove chdir inside runtime. Improved gitolite shell commands
2013-01-19 13:56:55 +02:00
569a88a456
raise exception if gitolite is broken
2013-01-19 11:58:36 +02:00
5c3fdfaacb
Fixed developer push to protected branch. Closes #2647
2013-01-19 11:11:25 +02:00
80b8921a9a
Public HTTP clones and remove auth request for public projects
2013-01-14 09:46:55 -05:00
4c6224aad1
Public git read-only access via http
2013-01-13 17:25:18 +02:00
dccd8b6eaa
Continue refactoring. Use repostory and team
2013-01-04 08:43:25 +02:00
21e55ca318
added RAILS_RELATIVE_URL_ROOT support
2012-12-28 18:11:28 +00:00
19eb637419
Update uses of Gitolite.config.foo settings
2012-12-20 16:54:28 +01:00
6cf5d7c96d
Support read-only access for git over HTTP
2012-12-11 15:28:40 -05:00
039996bd0a
Fix invalid method call for gitolite
2012-11-27 16:35:00 +02:00
f5551efdfd
Rewrite and improve git backend logic. Fix project movind. Raise exception to prevent unexpected issues
2012-11-27 09:31:15 +03:00
70bf7f6e19
Project -> update repo only on create and destroy. Fixtures Updated with namespaces. Fixed moving repo
2012-11-21 08:54:05 +03:00
585eb70588
Fix http push with namespaces. Allow use of username as login
2012-11-26 11:23:08 +02:00
GitLab
Jacob Vosmaer
Dmitriy Zaporozhets
Stan Hu
Douwe Maan
Valery Sizov
Valery Sizov
Ciro Santilli
Sean Edge
Thomas Guyot-Sionnest
Jason Hollingsworth
Nigel Kukard
amouhzi
Johannes Schleifenbaum
wuweixin
Joe Andaverde
tsl0922
Friedrich Beckmann
Angus MacArthur
Bhagavan Das
Jeremy Slater
Chris Frohoff
Riyad Preukschas