2018-10-22 07:00:50 +00:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2014-10-07 13:05:24 +00:00
|
|
|
module Gitlab
|
|
|
|
class GitAccessWiki < GitAccess
|
2020-07-21 18:09:45 +00:00
|
|
|
extend ::Gitlab::Utils::Override
|
2020-05-22 21:08:22 +00:00
|
|
|
|
2017-05-15 23:13:36 +00:00
|
|
|
ERROR_MESSAGES = {
|
2020-07-21 18:09:45 +00:00
|
|
|
download: 'You are not allowed to download files from this wiki.',
|
|
|
|
not_found: 'The wiki you were looking for could not be found.',
|
|
|
|
no_repo: 'A repository for this wiki does not exist yet.',
|
|
|
|
read_only: "You can't push code to a read-only GitLab instance.",
|
2017-05-15 23:13:36 +00:00
|
|
|
write_to_wiki: "You are not allowed to write to this project's wiki."
|
|
|
|
}.freeze
|
|
|
|
|
2020-10-05 15:08:56 +00:00
|
|
|
override :project
|
|
|
|
def project
|
|
|
|
container.project if container.is_a?(ProjectWiki)
|
|
|
|
end
|
|
|
|
|
2020-07-21 18:09:45 +00:00
|
|
|
override :download_ability
|
|
|
|
def download_ability
|
|
|
|
:download_wiki_code
|
2016-11-29 18:59:25 +00:00
|
|
|
end
|
|
|
|
|
2020-07-21 18:09:45 +00:00
|
|
|
override :push_ability
|
|
|
|
def push_ability
|
|
|
|
:create_wiki
|
2016-11-29 18:59:25 +00:00
|
|
|
end
|
|
|
|
|
2021-12-07 03:12:22 +00:00
|
|
|
override :check_download_access!
|
|
|
|
def check_download_access!
|
|
|
|
super
|
|
|
|
|
2022-05-03 00:08:25 +00:00
|
|
|
raise ForbiddenError, download_forbidden_message if build_cannot_download?
|
|
|
|
raise ForbiddenError, download_forbidden_message if deploy_token_cannot_download?
|
2021-12-07 03:12:22 +00:00
|
|
|
end
|
|
|
|
|
2020-07-21 18:09:45 +00:00
|
|
|
override :check_change_access!
|
2018-12-20 16:40:56 +00:00
|
|
|
def check_change_access!
|
2020-07-21 18:09:45 +00:00
|
|
|
raise ForbiddenError, write_to_wiki_message unless user_can_push?
|
2017-09-19 07:44:58 +00:00
|
|
|
|
2017-05-23 19:21:57 +00:00
|
|
|
true
|
2014-10-07 13:05:24 +00:00
|
|
|
end
|
2017-12-07 16:13:40 +00:00
|
|
|
|
|
|
|
def push_to_read_only_message
|
2020-07-21 18:09:45 +00:00
|
|
|
error_message(:read_only)
|
2017-12-07 16:13:40 +00:00
|
|
|
end
|
2018-02-22 00:20:30 +00:00
|
|
|
|
2020-07-21 18:09:45 +00:00
|
|
|
def write_to_wiki_message
|
|
|
|
error_message(:write_to_wiki)
|
|
|
|
end
|
2020-05-22 21:08:22 +00:00
|
|
|
|
2020-07-21 18:09:45 +00:00
|
|
|
def not_found_message
|
|
|
|
error_message(:not_found)
|
|
|
|
end
|
2022-05-03 00:08:25 +00:00
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
# when accessing via the CI_JOB_TOKEN
|
|
|
|
def build_cannot_download?
|
|
|
|
build_can_download_code? && !user_access.can_do_action?(download_ability)
|
|
|
|
end
|
|
|
|
|
|
|
|
def deploy_token_cannot_download?
|
|
|
|
deploy_token && !deploy_token.can?(download_ability, container)
|
|
|
|
end
|
2014-10-07 13:05:24 +00:00
|
|
|
end
|
|
|
|
end
|
2020-07-21 18:09:45 +00:00
|
|
|
|
2021-05-11 21:10:21 +00:00
|
|
|
Gitlab::GitAccessWiki.prepend_mod_with('Gitlab::GitAccessWiki')
|