Commit graph

17 commits

Author SHA1 Message Date
Toon Claes
d13669716a Create idea of read-only database
In GitLab EE, a GitLab instance can be read-only (e.g. when it's a Geo
secondary node). But in GitLab CE it also might be useful to have the
"read-only" idea around. So port it back to GitLab CE.

Also having the principle of read-only in GitLab CE would hopefully
lead to less errors introduced, doing write operations when there
aren't allowed for read-only calls.

Closes gitlab-org/gitlab-ce#37534.
2017-10-06 22:37:40 +02:00
Michael Kozono
0e3cfc75a3 Remove GitAccessStatus (no longer needed) 2017-06-05 05:32:26 -07:00
Michael Kozono
23d37382da Refactor to let GitAccess errors bubble up
No external behavior change.

This allows `GitHttpController` to set the HTTP status based on the type of error. Alternatively, we could have added an attribute to GitAccessStatus, but this pattern seemed appropriate.
2017-06-05 05:32:26 -07:00
Michael Kozono
ff8a053d5d Fix Git over HTTP spec
* The spec has 7 failures at this point
* Specify rendered error messages
* Render the GitAccess message rather than “Access denied”
* Render the Not Found message provided by GitAccess, instead of a custom one
* Expect GitAccess to check the config for whether Git-over-HTTP pull or push is disabled, rather than doing it in the controller
* Add more thorough testing for authentication
* Dried up a lot of tests
* Fixed some broken tests
2017-06-05 05:32:26 -07:00
Lin Jen-Shin
46d7c1d2b3 Prefer guest_can_download_code? and fix typo 2016-12-06 21:10:27 +08:00
Lin Jen-Shin
d6287ab230 Merge remote-tracking branch 'upstream/master' into feature/1376-allow-write-access-deploy-keys
* upstream/master: (488 commits)
  Merge branch 'issue_25064' into 'security'
  It's secret variables, not secure
  Fix dead links, add example of debug trace output, simplify titles
  Authorize users into imported GitLab project
  Document button secondary states. Update icons and color section
  Remove unused votes.scss
  Remove unused errors css
  Fixed MR widget content wrapping for XS viewports
  NIGNX -> Nginx
  Use pry-byebug instead byebug
  Fixed influence from other specs.
  Accept `issue new` as command to create an issue
  Update paranoia from 2.1.4 to 2.2.0.
  Use the pagination helper in the API
  Added changelog for #25221
  Fixed top margin for Builds page status header information
  Satisfied eslint
  Fix compatibility with Internet Explorer 11 for merge requests
  change the date label to match the date used
  fix gfm doc typo about two spaces for next line transfer
  ...
2016-12-06 20:53:07 +08:00
Douglas Barbosa Alexandre
d6b9b21e6d Allow access to the wiki with git when repository feature disabled 2016-11-30 16:02:24 -02:00
Lin Jen-Shin
5da9bfa453 Fix test for GitAccessWiki, it's overriding change_access_check 2016-11-11 22:26:05 +08:00
Rémy Coutable
2cf7f09b1e
Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' ""
This reverts commit 530f5158e2.

See !4892.

Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-18 10:16:56 +02:00
Robert Speicher
530f5158e2 Revert "Merge branch '18193-developers-can-merge' into 'master' "
This reverts commit 9ca633eb4c, reversing
changes made to fb229bbf79.
2016-07-13 13:57:30 -05:00
Timothy Andrew
60245bbe22 Refactor Gitlab::GitAccess
1. Don't use case statements for dispatch anymore. This leads to a lot
   of duplication, and makes the logic harder to follow.

2. Remove duplicated logic.

    - For example, the `can_push_to_branch?` exists, but we also have a
      different way of checking the same condition within `change_access_check`.

    - This kind of duplication is removed, and the `can_push_to_branch?`
      method is used in both places.

3. Move checks returning true/false to `UserAccess`.

    - All public methods in `GitAccess` now return an instance of
      `GitAccessStatus`. Previously, some methods would return
      true/false as well, which was confusing.

    - It makes sense for these kinds of checks to be at the level of a
      user, so the `UserAccess` class was repurposed for this. The prior
      `UserAccess.allowed?` classmethod is converted into an instance
      method.

    - All external uses of these checks have been migrated to use the
      `UserAccess` class

4. Move the "change_access_check" into a separate class.

    - Create the `GitAccess::ChangeAccessCheck` class to run these
      checks, which are quite substantial.

    - `ChangeAccessCheck` returns an instance of `GitAccessStatus` as
      well.

5. Break out the boolean logic in `ChangeAccessCheck` into `if/else`
   chains - this seems more readable.

6. I can understand that this might look like overkill for !4892, but I
   think this is a good opportunity to clean it up.

    - http://martinfowler.com/bliki/OpportunisticRefactoring.html
2016-07-13 13:24:56 +05:30
Dmitriy Zaporozhets
342d553709
Rename abilities to correspond contoller/model action names
write_ was renamed to create_
modify_  was renamed to update_

So now in update action we have next code

def create
  can?(current_user, :create_issue, @issue)
end

def update
  can?(current_user, :update_issue, @issue)
end

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2015-06-26 15:55:56 +02:00
Douwe Maan
1f72c387c9 Improve Git access error messages. 2015-05-13 09:41:55 +02:00
Douwe Maan
4830b2be5e Refactor GitAccess to use instance variables. 2015-03-24 14:11:48 +01:00
Valery Sizov
ef944e83ec Git hook messages: wiki access fix 2014-11-24 16:21:35 +02:00
Valery Sizov
53bf52f191 Better message for failed pushes because of git hooks
Conflicts:
	lib/gitlab/git_access.rb
	spec/lib/gitlab/git_access_spec.rb
2014-11-18 13:10:07 +02:00
Dmitriy Zaporozhets
0bf99f6557
Developers can push to wiki repo. Protected branches does not affect wiki repo any more
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-10-07 16:05:24 +03:00