124 Commits

Author SHA1 Message Date
Stan Hu 555fd0cf4a Fix downloading of patches on public merge requests when user logged out
Closes #1225
Closes #1854
Closes #1858
2015-06-23 05:34:21 -07:00
Dmitriy Zaporozhets 97ff86e07c Move repository when project is removed
This commit does next:

* When we remove project we move repository to path+deleted.git
* Then we schedule removal of path+deleted with sidekiq
* If repository move failed we abort project removal

This should help us with NFS issue when project gets removed but
repository stayed. The full explanation of problem is below:

* rm -rf project.git
* rm -rf removes project.git/objects/foo
* NFS server renames foo to foo.nfsXXXX because some NFS client (think
  Unicorn) still has the file open
* rm -rf exits, but project.git/objects/foo.nfsXXX still exists
* Unicorn closes the file, the NFS client closes the file (foo), and the
  NFS server removes foo.nfsXXX
* the directory project.git/objects/ still exists => problem

So now we move repository and even if repository removal failed

Repository directory is moved so no bugs with project removed but
repository directory taken. User still able to create new project with
same name. From administrator perspective you can easily find stalled
repositories by searching `*+deleted.git`

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2015-06-03 13:05:43 +02:00
Stan Hu 3b22cfe600 Remove Rack Attack monkey patches and bump to version 4.3.0 2015-05-22 16:25:03 -04:00
Douwe Maan f915a4b80f Warn when gitlab-shell version doesn't match requirement. 2015-04-06 14:02:49 +02:00
Dmitriy Zaporozhets 8f3f6e9efb Merge branch 'api-internal-errors' into 'master'
Respond with full GitAccess error if user has project read access.

Should help with debugging #1236.

cc @marin

See merge request !437
2015-03-25 04:16:45 +00:00
Douwe Maan 4830b2be5e Refactor GitAccess to use instance variables. 2015-03-24 14:11:48 +01:00
Stan Hu 56d87db32c Reduce Rack Attack false positives by clearing out auth failure count upon
successful Git over HTTP authentication.

Add logging when a ban goes into effect for debugging.

Issue #1171
2015-03-24 00:36:46 -07:00
Douwe Maan dd37a10df4 Don't leak information about private project existence via Git-over-SSH/HTTP. 2015-03-02 17:52:48 +01:00
Dmitriy Zaporozhets d723bf78b8 Fix git-over-http 2015-02-23 10:05:18 -08:00
Dmitriy Zaporozhets d04344373b Rubocop: no trailing newlines 2015-02-02 21:53:27 -08:00
Dmitriy Zaporozhets e890582681 Rubocop enabled for: Use spaces inside hash literal braces 2015-02-02 20:36:54 -08:00
Valery Sizov 54f6d8c7b5 an ability to clone project with oauth2 token 2015-01-28 15:57:31 -08:00
Jacob Vosmaer af56c1dd32 White-list requests from 127.0.0.1
On some misconfigured GitLab servers, if you look in production.log it looks
like all requests come from 127.0.0.1. To avoid unwanted banning we
white-list 127.0.0.1 with this commit.
2015-01-06 16:56:56 +01:00
Jacob Vosmaer c8b2def2be Add more comments explaining how we block IPs 2014-12-18 11:08:11 +01:00
Jacob Vosmaer 62ea02740d Block Git HTTP Basic Auth after 10 failed attempts 2014-12-15 18:57:42 +01:00
Valery Sizov 53bf52f191 Better message for failed pushes because of git hooks
Conflicts:
	lib/gitlab/git_access.rb
	spec/lib/gitlab/git_access_spec.rb
2014-11-18 13:10:07 +02:00
Ciro Santilli f36db59d97 Factor GITLAB_SHELL_VERSION get method 2014-11-05 17:16:04 +01:00
Ciro Santilli 0b1084a453 Don't output to stdout from lib non-interactive methods
It pollutes the test output too much.
2014-11-05 12:35:33 +01:00
Ciro Santilli d549a2a525 Factor lib backend gitlab shell path 2014-10-31 13:00:50 +01:00
Ciro Santilli ce056d8074 Improve grack auth hooks comment. 2014-10-21 12:36:09 +02:00
Ciro Santilli 2e9f5de868 Add parenthesis to function def with arguments. 2014-10-03 09:18:46 +02:00
Sean Edge 468b2e8e0b Added annotated tags. Updated tag haml file and call to gitlab-shell. Updated API for annotated tags. Added tests for API. Strip leading/trailing whitespace from message, if present. Update CHANGELOG. 2014-09-04 09:47:20 -04:00
Dmitriy Zaporozhets 4535db04b2 Increase import timeout from 2 to 4 minutes
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-08-11 20:58:39 +03:00
Dmitriy Zaporozhets 5c038d949f Fix gitlab-ci integration
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-21 23:04:57 +02:00
Dmitriy Zaporozhets 7dd18a3ec8 Fix http clone for public project
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-21 14:52:30 +02:00
Dmitriy Zaporozhets 83e83b6617 Improve grack auth
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-20 10:53:03 +02:00
Dmitriy Zaporozhets 729b358ff2 push via http now served via /allowed API
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-03-20 10:16:17 +02:00
Jacob Vosmaer 779fa4a7b7 Use batch_add_keys in `rake gitlab:shell:setup` 2014-03-14 15:49:11 +01:00
Dmitriy Zaporozhets 1ad2a93678 Merge pull request #5760 from dermoth/master
Fix HTTP push to public repos
2014-01-07 02:47:56 -08:00
Thomas Guyot-Sionnest 843548cc76 Fix HTTP push to public repos
When doing an HTTP push, git (as of v1.7.9) first does an info/refs
request, and only if this request requires authentication it asks the
user for its password and authenticates further requests.

The initial request normally clears without auth on public repos as it
doesn't update any ref. This patch forces every git-receive-pack
request to provide authentication.
2013-12-16 12:39:54 -05:00
Dmitriy Zaporozhets 49a26eaece Fix project lookup for git over http + rails4
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-12-10 12:11:27 +02:00
Dmitriy Zaporozhets f1c82bc56c Add gitlab-shell#path option in config
Before this commit gitlab-shell must be placed directly in home dir.
Ex:
  /home/git/gitlab-shell

After this change you can place gitlab-shell in custom location.
Ex:
  /Users/developer/gitlab/gitlab-shell

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-12-09 19:32:37 +02:00
Jason Hollingsworth d9bb4230cc Adding authenticated public mode (internal).
Added visibility_level icons to project view (rather than just text).
Added public projects to search results.
Added ability to restrict visibility levels standard users can set.
2013-11-26 22:22:07 -06:00
Dmitriy Zaporozhets 51ae88c4e4 Improve refs parsing for git over http
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-11-22 12:55:20 +02:00
Dmitriy Zaporozhets 06feb3c442 Cleanup parsed refs for git over HTTP
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-11-22 12:41:55 +02:00
Dmitriy Zaporozhets b07c02eb13 Add more info to admin dashboard
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-11-20 13:41:41 +02:00
Dmitriy Zaporozhets 182aa19e26 Parse all refs when do push via HTTP and check permissions for all of them
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2013-11-20 11:06:19 +02:00
Dmitriy Zaporozhets 592d1fabd6 Revert "Escape strings"
This reverts commit ce75f46bf7.
2013-11-01 16:29:28 +02:00
Dmitriy Zaporozhets 482a39abb0 Revert "Best to escape strings not split them"
This reverts commit aca7f56fef.
2013-11-01 16:25:06 +02:00
Nigel Kukard aca7f56fef Best to escape strings not split them
Signed-off-by: Nigel Kukard <nkukard@lbsd.net>
2013-10-31 07:34:11 +00:00
Nigel Kukard ce75f46bf7 Escape strings
Signed-off-by: Nigel Kukard <nkukard@lbsd.net>
2013-10-29 18:06:10 +00:00
Dmitriy Zaporozhets 0542261437 Allow git clone with http for GitLab CI service:
If you enable GitLab CI for project you will be able to clone project
source code with next command:
git clone http://gitlab-ci-token:XXXXXXXXXXXX@host:project.git
Requires for GitLab CI 4.0
2013-10-24 17:17:22 +03:00
Dmitriy Zaporozhets 7dfb2b6379 Remove include of grack_ldap 2013-09-02 23:52:58 +03:00
Dmitriy Zaporozhets 71abf70458 Move ldap auth to LDAP::User. Removed unused code 2013-09-02 23:50:45 +03:00
Dmitriy Zaporozhets 48ce80a60c Fix issue when developers are able to push to protected branch
When that branch contains a '/' in the branch name.
Fix for git over HTTP
2013-08-26 12:54:57 +03:00
amouhzi 39d8a64d25 Fixes grack authentication under relative_url_root
Ref: e6159b8725
Ref: https://github.com/gitlabhq/gitlabhq/pull/3204
Ref: https://github.com/gitlabhq/gitlabhq/issues/1228

Add Rails' variable in application.rb to support relative url

This variable is used by assets compilation and other modules.

Note that user needs to change application.rb too

Restrict session cookie to the relative path if set.

Ref: 2c2f1e3185

Fix Update attachment_uploader.rb bug with relative URL

See: 161afda3fa

Fix Wall relative bug with attachment files (javascript)
2013-08-15 21:25:09 +02:00
Johannes Schleifenbaum cd19f82e51 Fix typos 2013-07-29 12:47:06 +02:00
Dmitriy Zaporozhets 475f607a22 Use gitlab-shell authorized_keys truncation. Fix issue with authorized_keys stored in different location 2013-07-18 13:55:01 +03:00
Dmitriy Zaporozhets 132caae734 Move repo tags to own controller. add ability to remove tags 2013-07-16 23:12:52 +03:00
Dmitriy Zaporozhets a466b2175a Add create_branch, rm_branch methods to Gitlab::Shell class 2013-07-16 22:18:14 +03:00