2018-10-22 03:00:50 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
2016-06-20 21:40:56 -04:00
|
|
|
module Gitlab
|
|
|
|
|
module ProtocolAccess
|
2022-06-16 11:09:00 -04:00
|
|
|
class << self
|
|
|
|
|
def allowed?(protocol, project: nil)
|
|
|
|
|
# Web is always allowed
|
|
|
|
|
return true if protocol == "web"
|
|
|
|
|
|
|
|
|
|
# System settings
|
|
|
|
|
return false unless instance_allowed?(protocol)
|
|
|
|
|
|
|
|
|
|
# Group-level settings
|
|
|
|
|
return false unless namespace_allowed?(protocol, namespace: project&.root_namespace)
|
|
|
|
|
|
|
|
|
|
# Default to allowing all protocols
|
2016-06-20 21:40:56 -04:00
|
|
|
true
|
2022-06-16 11:09:00 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
|
|
def instance_allowed?(protocol)
|
|
|
|
|
# If admin hasn't configured this setting, default to true
|
|
|
|
|
return true if Gitlab::CurrentSettings.enabled_git_access_protocol.blank?
|
|
|
|
|
|
2018-02-02 13:39:55 -05:00
|
|
|
protocol == Gitlab::CurrentSettings.enabled_git_access_protocol
|
2016-06-20 21:40:56 -04:00
|
|
|
end
|
2022-06-16 11:09:00 -04:00
|
|
|
|
|
|
|
|
def namespace_allowed?(protocol, namespace: nil)
|
|
|
|
|
# If the namespace parameter was nil, we default to true here
|
|
|
|
|
return true if namespace.nil?
|
|
|
|
|
|
|
|
|
|
# Return immediately if all protocols are allowed
|
|
|
|
|
return true if namespace.enabled_git_access_protocol == "all"
|
|
|
|
|
|
|
|
|
|
# If the setting is somehow nil, such as in an unsaved state, we default to allow
|
|
|
|
|
return true if namespace.enabled_git_access_protocol.blank?
|
|
|
|
|
|
|
|
|
|
protocol == namespace.enabled_git_access_protocol
|
|
|
|
|
end
|
2016-06-20 21:40:56 -04:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
