kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/lib/gitlab/checks/change_access.rb

255 lines
8.9 KiB
Ruby
Raw Normal View History

Enable some frozen string in lib/gitlab Enable frozen string for the following files: * lib/gitlab/auth/**/*.rb * lib/gitlab/badge/**/*.rb * lib/gitlab/bare_repository_import/**/*.rb * lib/gitlab/bitbucket_import/**/*.rb * lib/gitlab/bitbucket_server_import/**/*.rb * lib/gitlab/cache/**/*.rb * lib/gitlab/checks/**/*.rb Partially addresses #47424.
2018-10-11 20:12:21 +00:00
# frozen_string_literal: true
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
module Gitlab
module Checks
class ChangeAccess
Fix Git over HTTP spec * The spec has 7 failures at this point * Specify rendered error messages * Render the GitAccess message rather than “Access denied” * Render the Not Found message provided by GitAccess, instead of a custom one * Expect GitAccess to check the config for whether Git-over-HTTP pull or push is disabled, rather than doing it in the controller * Add more thorough testing for authentication * Dried up a lot of tests * Fixed some broken tests
2017-05-15 23:13:36 +00:00
ERROR_MESSAGES = {
push_code: 'You are not allowed to push code to this project.',
delete_default_branch: 'The default branch of a project cannot be deleted.',
force_push_protected_branch: 'You are not allowed to force push code to a protected branch on this project.',
change wording
2018-06-04 01:25:38 +00:00
non_master_delete_protected_branch: 'You are not allowed to delete protected branches from this project. Only a project maintainer or owner can delete a protected branch.',
Fix Git over HTTP spec * The spec has 7 failures at this point * Specify rendered error messages * Render the GitAccess message rather than “Access denied” * Render the Not Found message provided by GitAccess, instead of a custom one * Expect GitAccess to check the config for whether Git-over-HTTP pull or push is disabled, rather than doing it in the controller * Add more thorough testing for authentication * Dried up a lot of tests * Fixed some broken tests
2017-05-15 23:13:36 +00:00
non_web_delete_protected_branch: 'You can only delete protected branches using the web interface.',
merge_protected_branch: 'You are not allowed to merge code into protected branches on this project.',
push_protected_branch: 'You are not allowed to push code to protected branches on this project.',
change_existing_tags: 'You are not allowed to change existing tags on this project.',
update_protected_tag: 'Protected tags cannot be updated.',
delete_protected_tag: 'Protected tags cannot be deleted.',
Prevent git push when LFS objects are missing
2017-08-25 01:30:12 +00:00
create_protected_tag: 'You are not allowed to create this tag as it is protected.',
lfs_objects_missing: 'LFS objects are missing. Ensure LFS is properly set up or try a manual "git lfs push --all".'
Fix Git over HTTP spec * The spec has 7 failures at this point * Specify rendered error messages * Render the GitAccess message rather than “Access denied” * Render the Not Found message provided by GitAccess, instead of a custom one * Expect GitAccess to check the config for whether Git-over-HTTP pull or push is disabled, rather than doing it in the controller * Add more thorough testing for authentication * Dried up a lot of tests * Fixed some broken tests
2017-05-15 23:13:36 +00:00
}.freeze
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
LOG_MESSAGES = {
push_checks: "Checking if you are allowed to push...",
delete_default_branch_check: "Checking if default branch is being deleted...",
protected_branch_checks: "Checking if you are force pushing to a protected branch...",
protected_branch_push_checks: "Checking if you are allowed to push to the protected branch...",
protected_branch_deletion_checks: "Checking if you are allowed to delete the protected branch...",
tag_checks: "Checking if you are allowed to change existing tags...",
protected_tag_checks: "Checking if you are creating, updating or deleting a protected tag...",
lfs_objects_exist_check: "Scanning repository for blobs stored in LFS and verifying their files have been uploaded to GitLab...",
commits_check_file_paths_validation: "Validating commits' file paths...",
commits_check: "Validating commits..." # different message in EE
}.freeze
attr_reader :user_access, :project, :skip_authorization, :skip_lfs_integrity_check, :protocol, :oldrev, :newrev, :ref, :branch_name, :tag_name, :logger
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
We never check user privilege if it's a deploy key
2016-11-17 19:48:23 +00:00
def initialize(
Don't pass `env` anymore to GitAccess, ChangeAccess, and ForcePush Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-04-05 07:35:58 +00:00
change, user_access:, project:, skip_authorization: false,
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
skip_lfs_integrity_check: false, protocol:, logger:
Backport changes from gitlab-org/gitlab-ee!1406
2017-03-13 11:31:27 +00:00
)
api for generating new merge request DRY code + fix rubocop Add more test cases Append to changelog DRY changes list find_url service for merge_requests use GET for getting merge request links remove files rename to get_url_service reduce loop add test case for cross project refactor tiny thing update changelog
2016-07-28 04:04:57 +00:00
@oldrev, @newrev, @ref = change.values_at(:oldrev, :newrev, :ref)
@branch_name = Gitlab::Git.branch_name(@ref)
Protected Tags enforced over git
2017-03-31 16:57:29 +00:00
@tag_name = Gitlab::Git.tag_name(@ref)
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
@user_access = user_access
@project = project
We never check user privilege if it's a deploy key
2016-11-17 19:48:23 +00:00
@skip_authorization = skip_authorization
Only check LFS integrity for first branch in push
2018-02-13 19:33:13 +00:00
@skip_lfs_integrity_check = skip_lfs_integrity_check
Backport changes from gitlab-org/gitlab-ee!1406
2017-03-13 11:31:27 +00:00
@protocol = protocol
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
@logger = logger
@logger.log << "Running checks for ref: #{@branch_name || @tag_name}"
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
end
Backport of LFS File Locking API
2018-02-07 13:00:53 +00:00
def exec(skip_commits_check: false)
Remove GitAccessStatus (no longer needed)
2017-05-23 19:21:57 +00:00
return true if skip_authorization
Add confirm delete protected branch modal
2017-05-08 07:41:58 +00:00
Refactor to let GitAccess errors bubble up No external behavior change. This allows `GitHttpController` to set the HTTP status based on the type of error. Alternatively, we could have added an attribute to GitAccessStatus, but this pattern seemed appropriate.
2017-05-19 19:58:45 +00:00
push_checks
branch_checks
tag_checks
Only check LFS integrity for first branch in push
2018-02-13 19:33:13 +00:00
lfs_objects_exist_check unless skip_lfs_integrity_check
Backport of LFS File Locking API
2018-02-07 13:00:53 +00:00
commits_check unless skip_commits_check
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
Remove GitAccessStatus (no longer needed)
2017-05-23 19:21:57 +00:00
true
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
end
protected
Add confirm delete protected branch modal
2017-05-08 07:41:58 +00:00
def push_checks
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
logger.log_timed(LOG_MESSAGES[__method__]) do
unless can_push?
raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:push_code]
end
Add confirm delete protected branch modal
2017-05-08 07:41:58 +00:00
end
end
def branch_checks
Backport changes to Gitlab::Checks::ChangeAccess from EE
2018-01-23 16:12:44 +00:00
return unless branch_name
Add confirm delete protected branch modal
2017-05-08 07:41:58 +00:00
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
logger.log_timed(LOG_MESSAGES[:delete_default_branch_check]) do
if deletion? && branch_name == project.default_branch
raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:delete_default_branch]
end
Add confirm delete protected branch modal
2017-05-08 07:41:58 +00:00
end
protected_branch_checks
end
def protected_branch_checks
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
logger.log_timed(LOG_MESSAGES[__method__]) do
return unless ProtectedBranch.protected?(project, branch_name) # rubocop:disable Cop/AvoidReturnFromBlocks
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
if forced_push?
raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:force_push_protected_branch]
end
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
end
Add confirm delete protected branch modal
2017-05-08 07:41:58 +00:00
if deletion?
protected_branch_deletion_checks
else
protected_branch_push_checks
end
end
def protected_branch_deletion_checks
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
logger.log_timed(LOG_MESSAGES[__method__]) do
unless user_access.can_delete_branch?(branch_name)
raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:non_master_delete_protected_branch]
end
Add confirm delete protected branch modal
2017-05-08 07:41:58 +00:00
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
unless updated_from_web?
raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:non_web_delete_protected_branch]
end
Add confirm delete protected branch modal
2017-05-08 07:41:58 +00:00
end
end
def protected_branch_push_checks
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
logger.log_timed(LOG_MESSAGES[__method__]) do
if matching_merge_request?
unless user_access.can_merge_to_branch?(branch_name) || user_access.can_push_to_branch?(branch_name)
raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:merge_protected_branch]
end
else
unless user_access.can_push_to_branch?(branch_name)
raise GitAccess::UnauthorizedError, push_to_protected_branch_rejected_message
end
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
end
end
end
def tag_checks
Backport changes to Gitlab::Checks::ChangeAccess from EE
2018-01-23 16:12:44 +00:00
return unless tag_name
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
logger.log_timed(LOG_MESSAGES[__method__]) do
if tag_exists? && user_access.cannot_do_action?(:admin_project)
raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:change_existing_tags]
end
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
end
Protected Tags enforced over git
2017-03-31 16:57:29 +00:00
protected_tag_checks
end
def protected_tag_checks
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
logger.log_timed(LOG_MESSAGES[__method__]) do
return unless ProtectedTag.protected?(project, tag_name) # rubocop:disable Cop/AvoidReturnFromBlocks
Add confirm delete protected branch modal
2017-05-08 07:41:58 +00:00
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
raise(GitAccess::UnauthorizedError, ERROR_MESSAGES[:update_protected_tag]) if update?
raise(GitAccess::UnauthorizedError, ERROR_MESSAGES[:delete_protected_tag]) if deletion?
Protected Tags enforced over git
2017-03-31 16:57:29 +00:00
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
unless user_access.can_create_tag?(tag_name)
raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:create_protected_tag]
end
Protected Tags enforced over git
2017-03-31 16:57:29 +00:00
end
end
Backport of LFS File Locking API
2018-02-07 13:00:53 +00:00
def commits_check
return if deletion? || newrev.nil?
Avoid slow File Lock checks when not used Also avoid double commit lookup during file lock check by reusing memoized commits.
2018-02-15 05:21:17 +00:00
return unless should_run_commit_validations?
Backport of LFS File Locking API
2018-02-07 13:00:53 +00:00
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
logger.log_timed(LOG_MESSAGES[__method__]) do
# n+1: https://gitlab.com/gitlab-org/gitlab-ee/issues/3593
::Gitlab::GitalyClient.allow_n_plus_1_calls do
commits.each do |commit|
commit_check.validate(commit, validations_for_commit(commit))
end
Backport of LFS File Locking API
2018-02-07 13:00:53 +00:00
end
end
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
logger.log_timed(LOG_MESSAGES[:commits_check_file_paths_validation]) do
commit_check.validate_file_paths
end
Backport of LFS File Locking API
2018-02-07 13:00:53 +00:00
end
# Method overwritten in EE to inject custom validations
def validations_for_commit(_)
[]
end
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
private
Improves remote message when a developer is unable to push in an empty repository
2018-07-10 08:42:38 +00:00
def push_to_protected_branch_rejected_message
if project.empty_repo?
empty_project_push_message
else
ERROR_MESSAGES[:push_protected_branch]
end
end
def empty_project_push_message
<<~MESSAGE
A default branch (e.g. master) does not yet exist for #{project.full_path}
Ask a project Owner or Maintainer to create a default branch:
#{project_members_url}
MESSAGE
end
def project_members_url
Gitlab::Routing.url_helpers.project_project_members_url(project)
end
Avoid slow File Lock checks when not used Also avoid double commit lookup during file lock check by reusing memoized commits.
2018-02-15 05:21:17 +00:00
def should_run_commit_validations?
commit_check.validate_lfs_file_locks?
end
Backport changes to Gitlab::Checks::ChangeAccess from EE
2018-01-23 16:12:44 +00:00
def updated_from_web?
protocol == 'web'
end
Protected Tags enforced over git
2017-03-31 16:57:29 +00:00
def tag_exists?
Backport changes to Gitlab::Checks::ChangeAccess from EE
2018-01-23 16:12:44 +00:00
project.repository.tag_exists?(tag_name)
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
end
def forced_push?
Backport changes to Gitlab::Checks::ChangeAccess from EE
2018-01-23 16:12:44 +00:00
Gitlab::Checks::ForcePush.force_push?(project, oldrev, newrev)
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
end
Protected Tags prevents all updates instead of just force pushes. This only changes behaviour for masters, as developers are already prevented from updating/deleting tags without the Protected Tags feature
2017-04-03 23:05:51 +00:00
def update?
Backport changes to Gitlab::Checks::ChangeAccess from EE
2018-01-23 16:12:44 +00:00
!Gitlab::Git.blank_ref?(oldrev) && !deletion?
Protected Tags prevents all updates instead of just force pushes. This only changes behaviour for masters, as developers are already prevented from updating/deleting tags without the Protected Tags feature
2017-04-03 23:05:51 +00:00
end
def deletion?
Backport changes to Gitlab::Checks::ChangeAccess from EE
2018-01-23 16:12:44 +00:00
Gitlab::Git.blank_ref?(newrev)
Protected Tags enforced over git
2017-03-31 16:57:29 +00:00
end
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
def matching_merge_request?
Backport changes to Gitlab::Checks::ChangeAccess from EE
2018-01-23 16:12:44 +00:00
Checks::MatchingMergeRequest.new(newrev, branch_name, project).match?
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
end
Prevent git push when LFS objects are missing
2017-08-25 01:30:12 +00:00
def lfs_objects_exist_check
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
logger.log_timed(LOG_MESSAGES[__method__]) do
lfs_check = Checks::LfsIntegrity.new(project, newrev, logger.time_left)
Prevent git push when LFS objects are missing
2017-08-25 01:30:12 +00:00
Adds tracing messages for slow git pushes Whenever a git push takes more than 50 seconds the user will receive a trace from each check performed along with their timings
2018-10-22 14:49:20 +00:00
if lfs_check.objects_missing?
raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:lfs_objects_missing]
end
Prevent git push when LFS objects are missing
2017-08-25 01:30:12 +00:00
end
end
Backport of LFS File Locking API
2018-02-07 13:00:53 +00:00
def commit_check
@commit_check ||= Gitlab::Checks::CommitCheck.new(project, user_access.user, newrev, oldrev)
end
def commits
Avoid slow File Lock checks when not used Also avoid double commit lookup during file lock check by reusing memoized commits.
2018-02-15 05:21:17 +00:00
@commits ||= project.repository.new_commits(newrev)
Backport of LFS File Locking API
2018-02-07 13:00:53 +00:00
end
Limit queries to a user-branch combination The query becomes a lot simpler if we can check the branch name as well instead of having to load all branch names.
2018-03-06 22:30:47 +00:00
def can_push?
user_access.can_do_action?(:push_code) ||
user_access.can_push_to_branch?(branch_name)
end
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' "" This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 08:16:56 +00:00
end
end
end