diff options
| author | Ash McKenzie <amckenzie@gitlab.com> | 2018-07-31 21:06:56 +1000 |
|---|---|---|
| committer | Ash McKenzie <amckenzie@gitlab.com> | 2018-08-01 10:12:09 +1000 |
| commit | 4c4d9f5ef4a2e3ac16d0b02e18b19ba513849f57 (patch) | |
| tree | da1206876526db68f4484dd34ea9c00ae08ebb21 /lib/gitlab_net.rb | |
| parent | 2f733baacdf5d0dca98276cc9b6e895097d5e8d2 (diff) | |
| download | gitlab-shell-4c4d9f5ef4a2e3ac16d0b02e18b19ba513849f57.tar.gz | |
Use actor when we don't know if it's a Key or User
* Use gl_id when we don't know if it's a key-X or user-X
* Use Actor.new_from(gl_id) which will figure out if it's a Key or User
* Use key_str when we're referring to key-X as key_id is confusing
Diffstat (limited to 'lib/gitlab_net.rb')
| -rw-r--r-- | lib/gitlab_net.rb | 29 |
1 files changed, 14 insertions, 15 deletions
diff --git a/lib/gitlab_net.rb b/lib/gitlab_net.rb index 29a91f4..34e2ff6 100644 --- a/lib/gitlab_net.rb +++ b/lib/gitlab_net.rb @@ -14,34 +14,34 @@ class GitlabNet GL_PROTOCOL = 'ssh'.freeze API_INACCESSIBLE_ERROR = 'API is not accessible'.freeze - def check_access(cmd, gl_repository, repo, key_id, changes, protocol = GL_PROTOCOL, env: {}) + def check_access(cmd, gl_repository, repo, actor, changes, protocol = GL_PROTOCOL, env: {}) changes = changes.join("\n") unless changes.is_a?(String) params = { action: cmd, changes: changes, gl_repository: gl_repository, - key_id: key_id.gsub('key-', ''), project: sanitize_path(repo), protocol: protocol, env: env } + params[actor.class.identifier_key.to_sym] = actor.id + resp = post("#{internal_api_endpoint}/allowed", params) - determine_action(key_id, resp) + determine_action(actor, resp) end - def discover(key) - key_id = key.gsub("key-", "") + def discover(key_id) resp = get("#{internal_api_endpoint}/discover?key_id=#{key_id}") JSON.parse(resp.body) rescue JSON::ParserError, ApiUnreachableError nil end - def lfs_authenticate(key, repo) - params = { project: sanitize_path(repo), key_id: key.gsub('key-', '') } + def lfs_authenticate(key_id, repo) + params = { project: sanitize_path(repo), key_id: key_id } resp = post("#{internal_api_endpoint}/lfs_authenticate", params) GitlabLfsAuthentication.build_from_json(resp.body) if resp.code == HTTP_SUCCESS @@ -68,15 +68,14 @@ class GitlabNet get("#{internal_api_endpoint}/check", options: { read_timeout: CHECK_TIMEOUT }) end - def authorized_key(key) - resp = get("#{internal_api_endpoint}/authorized_keys?key=#{URI.escape(key, '+/=')}") + def authorized_key(full_key) + resp = get("#{internal_api_endpoint}/authorized_keys?key=#{URI.escape(full_key, '+/=')}") JSON.parse(resp.body) if resp.code == HTTP_SUCCESS rescue nil end - def two_factor_recovery_codes(key) - key_id = key.gsub('key-', '') + def two_factor_recovery_codes(key_id) resp = post("#{internal_api_endpoint}/two_factor_recovery_codes", key_id: key_id) JSON.parse(resp.body) if resp.code == HTTP_SUCCESS rescue @@ -92,8 +91,8 @@ class GitlabNet false end - def post_receive(gl_repository, identifier, changes) - params = { gl_repository: gl_repository, identifier: identifier, changes: changes } + def post_receive(gl_repository, actor, changes) + params = { gl_repository: gl_repository, identifier: actor.identifier, changes: changes } resp = post("#{internal_api_endpoint}/post_receive", params) raise NotFoundError if resp.code == HTTP_NOT_FOUND @@ -113,7 +112,7 @@ class GitlabNet repo.delete("'") end - def determine_action(key_id, resp) + def determine_action(actor, resp) json = JSON.parse(resp.body) message = json['message'] @@ -124,7 +123,7 @@ class GitlabNet # accessing the 'status' key. raise AccessDeniedError, message unless json['status'] - Action::Gitaly.create_from_json(key_id, json) + Action::Gitaly.create_from_json(actor, json) when HTTP_UNAUTHORIZED, HTTP_NOT_FOUND raise AccessDeniedError, message else |