Jacob Vosmaer
7dff0946a7
Remove duplicate method reintroduced by merge
2016-08-09 12:35:36 +02:00
Jacob Vosmaer
7a99826694
Merge branch 'master' of https://gitlab.com/gitlab-org/gitlab-ce into remove-grack-lfs
2016-08-09 12:27:37 +02:00
Jacob Vosmaer
b8f754dd0a
Stop 'git push' over HTTP early
...
Before this change we always let users push Git data over HTTP before
deciding whether to accept to push. This was different from pushing
over SSH where we terminate a 'git push' early if we already know the
user is not allowed to push.
This change let Git over HTTP follow the same behavior as Git over
SSH. We also distinguish between HTTP 404 and 403 responses when
denying Git requests, depending on whether the user is allowed to know
the project exists.
2016-08-03 14:54:12 +02:00
Jacob Vosmaer
0d9752446d
Add LFS controllers
2016-07-22 17:54:04 +02:00
Patricio Cano
9397ce9137
Correct access control flow for Git HTTP requests.
2016-07-05 16:54:22 -05:00
Patricio Cano
da15471bb1
Clarify protocol access check, and make Git HTTP access call more specific.
2016-07-05 16:54:22 -05:00
Patricio Cano
0f54e2ae6c
Render the status message with `plain:` so that the message gets passed to the Git client.
2016-07-05 16:54:22 -05:00
Patricio Cano
08018b7a7a
Render :forbidden *only* if HTTP is disabled.
2016-07-05 16:54:22 -05:00
Patricio Cano
41c87b9a23
Return :forbidden if HTTP protocol access is not allowed
2016-07-05 16:54:22 -05:00
Patricio Cano
c98f89eac7
Simplify access checks
2016-07-05 16:54:22 -05:00
Patricio Cano
7735ef86f0
Only allow Git Access on the allowed protocol
2016-07-05 16:54:22 -05:00
Jacob Vosmaer
4bcad1cbdd
Groundwork for Kerberos SPNEGO (EE feature)
2016-07-01 11:46:56 +02:00
Jacob Vosmaer
0e896ffe4e
Improve Gitlab::Auth method names
...
Auth.find was a very generic name for a very specific method.
Auth.find_in_gitlab_or_ldap was inaccurate in GitLab EE where it also
looks in Kerberos.
2016-06-10 14:51:16 +02:00
Jacob Vosmaer
63ed80321b
Skip authenticity token checks for Git HTTP
2016-06-08 16:00:49 -04:00
Jacob Vosmaer
46d5760c76
Fewer silly instance variables
2016-06-03 16:04:59 +02:00
Jacob Vosmaer
50a357d7e8
Use #present?
2016-06-03 15:49:52 +02:00
Jacob Vosmaer
1564074648
Refactor _allowed? methods as Rémy asked
2016-06-03 15:28:35 +02:00
Jacob Vosmaer
3ffa494ffe
Changes after more review from Rémy
2016-06-03 14:57:34 +02:00
Jacob Vosmaer
b1ffc9f0fe
Make CI/Oauth/rate limiting reusable
2016-04-29 18:58:55 +02:00
Jacob Vosmaer
d698d3e846
More changes suggested by Rémy
2016-04-25 18:05:05 +02:00
Jacob Vosmaer
c161065e78
Don't mess up our parent controller
2016-04-22 14:04:20 +02:00
Jacob Vosmaer
9add3fbb33
Some changes after review from Rémy and Valery
2016-04-22 13:24:53 +02:00
Jacob Vosmaer
d3541da4ce
Comment and whitespace
2016-04-15 12:40:43 +02:00
Jacob Vosmaer
ab9dfa8fd6
Clarify intentions
2016-04-06 19:25:47 +02:00
Jacob Vosmaer
91226c2001
Move workhorse protocol code into lib
2016-04-06 17:52:12 +02:00
Jacob Vosmaer
5fe06d7365
Add some upload specs
2016-03-24 18:58:29 +01:00
Jacob Vosmaer
55f5a68f09
Get Grack::Auth tests to pass
2016-03-23 18:34:16 +01:00