kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Merge pull request #4662 from jzi/allow_archive_for_deploy_key

Browse source 
allow all git-upload-* commands for deploy keys
This commit is contained in:
Dmitriy Zaporozhets 2013-07-30 04:21:57 -07:00
commit 8c08fb9b28
2 changed files with 43 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
lib/api/internal.rb
View file

@ -1,6 +1,10 @@
module API
# Internal access API
class Internal < Grape::API
DOWNLOAD_COMMANDS = %w{ git-upload-pack git-upload-archive }
PUSH_COMMANDS = %w{ git-receive-pack }
namespace 'internal' do
#
# Check if ssh key has access to project code
@ -26,16 +30,16 @@ module API
if key.is_a? DeployKey
key.projects.include?(project) && git_cmd == 'git-upload-pack'
key.projects.include?(project) && DOWNLOAD_COMMANDS.include?(git_cmd)
else
user = key.user
return false if user.blocked?
action = case git_cmd
when 'git-upload-pack', 'git-upload-archive'
when *DOWNLOAD_COMMANDS
then :download_code
when 'git-receive-pack'
when *PUSH_COMMANDS
then
if project.protected_branch?(params[:ref])
:push_code_to_protected_branches

36
spec/requests/api/internal_spec.rb
View file

@ -100,6 +100,32 @@ describe API::API do
end
end
end
context "deploy key" do
let(:key) { create(:deploy_key) }
context "added to project" do
before do
key.projects << project
end
it do
archive(key, project)
response.status.should == 200
response.body.should == 'true'
end
end
context "not added to project" do
it do
archive(key, project)
response.status.should == 200
response.body.should == 'false'
end
end
end
end
def pull(key, project)
@ -121,4 +147,14 @@ describe API::API do
action: 'git-receive-pack'
)
end
def archive(key, project)
get(
api("/internal/allowed"),
ref: 'master',
key_id: key.id,
project: project.path_with_namespace,
action: 'git-upload-archive'
)
end
end