diff options
| -rwxr-xr-x | hooks/post-receive | 1 | ||||
| -rwxr-xr-x | hooks/update | 12 | ||||
| -rw-r--r-- | lib/gitlab_net.rb | 2 | ||||
| -rw-r--r-- | lib/gitlab_projects.rb | 12 | ||||
| -rw-r--r-- | lib/gitlab_shell.rb | 4 | ||||
| -rw-r--r-- | lib/gitlab_update.rb | 29 | ||||
| -rwxr-xr-x | support/rewrite-hooks.sh | 6 |
7 files changed, 58 insertions, 8 deletions
diff --git a/hooks/post-receive b/hooks/post-receive index 6944d3e..ebd9e1a 100755 --- a/hooks/post-receive +++ b/hooks/post-receive @@ -1,6 +1,5 @@ #!/usr/bin/env bash -# Version 4.1 # This file was placed here by GitLab. It makes sure that your pushed commits # will be processed properly. diff --git a/hooks/update b/hooks/update new file mode 100755 index 0000000..f483cc0 --- /dev/null +++ b/hooks/update @@ -0,0 +1,12 @@ +#!/usr/bin/env ruby + +# This file was placed here by GitLab. It makes sure that your pushed commits +# will be processed properly. + +refname = ARGV[0] +key_id = ENV['GL_USER'] +repo_path = `pwd` + +require_relative '../lib/gitlab_update' + +GitlabUpdate.new(repo_path, key_id, refname).exec diff --git a/lib/gitlab_net.rb b/lib/gitlab_net.rb index 93e9803..a7d32cd 100644 --- a/lib/gitlab_net.rb +++ b/lib/gitlab_net.rb @@ -9,7 +9,7 @@ class GitlabNet project_name = project_name.gsub(/\.git$/, "") key_id = key.gsub("key-", "") - url = "#{host}/allowed?project=#{project_name}&key_id=#{key_id}&action=#{cmd}&ref=#{ref}" + url = "#{host}/allowed?key_id=#{key_id}&action=#{cmd}&ref=#{ref}&project=#{project_name}" resp = get(url) diff --git a/lib/gitlab_projects.rb b/lib/gitlab_projects.rb index 33b1c21..9afcb48 100644 --- a/lib/gitlab_projects.rb +++ b/lib/gitlab_projects.rb @@ -10,7 +10,6 @@ class GitlabProjects @project_name = ARGV.shift @repos_path = GitlabConfig.new.repos_path @full_path = File.join(@repos_path, @project_name) - @hook_path = File.join(ROOT_PATH, 'hooks', 'post-receive') end def exec @@ -27,17 +26,24 @@ class GitlabProjects def add_project FileUtils.mkdir_p(full_path, mode: 0770) - cmd = "cd #{full_path} && git init --bare && ln -s #{@hook_path} #{full_path}/hooks/post-receive" + cmd = "cd #{full_path} && git init --bare && #{create_hooks_cmd}" system(cmd) end + def create_hooks_cmd + pr_hook_path = File.join(ROOT_PATH, 'hooks', 'post-receive') + up_hook_path = File.join(ROOT_PATH, 'hooks', 'update') + + "ln -s #{pr_hook_path} #{full_path}/hooks/post-receive && ln -s #{up_hook_path} #{full_path}/hooks/update" + end + def rm_project FileUtils.rm_rf(full_path) end def import_project dir = @project_name.match(/[a-zA-Z\.\_\-]+\.git$/).to_s - cmd = "cd #{@repos_path} && git clone --bare #{@project_name} #{dir} && ln -s #{@hook_path} #{@repos_path}/#{dir}/hooks/post-receive" + cmd = "cd #{@repos_path} && git clone --bare #{@project_name} #{dir} && #{create_hooks_cmd}" system(cmd) end end diff --git a/lib/gitlab_shell.rb b/lib/gitlab_shell.rb index 9167bac..4da97c7 100644 --- a/lib/gitlab_shell.rb +++ b/lib/gitlab_shell.rb @@ -49,9 +49,7 @@ class GitlabShell end def validate_access - @ref_name = 'master' # just hardcode it cause we dont know ref - - api.allowed?(@git_cmd, @repo_name, @key_id, @ref_name) + api.allowed?(@git_cmd, @repo_name, @key_id, '_any') end def api diff --git a/lib/gitlab_update.rb b/lib/gitlab_update.rb new file mode 100644 index 0000000..cf3953e --- /dev/null +++ b/lib/gitlab_update.rb @@ -0,0 +1,29 @@ +require_relative 'gitlab_init' +require_relative 'gitlab_net' + +class GitlabUpdate + def initialize(repo_path, key_id, refname) + @repo_name = repo_path + @repo_name.gsub!(GitlabConfig.new.repos_path.to_s, "") + @repo_name.gsub!(/.git$/, "") + @repo_name.gsub!(/^\//, "") + + @key_id = key_id + @refname = /refs\/heads\/([\w\.-]+)/.match(refname).to_a.last + end + + def exec + if api.allowed?('git-receive-pack', @repo_name, @key_id, @refname) + exit 0 + else + puts "GitLab: You are not allowed to access #{@refname}! " + exit 1 + end + end + + protected + + def api + GitlabNet.new + end +end diff --git a/support/rewrite-hooks.sh b/support/rewrite-hooks.sh index ad8b4e5..4f8ec05 100755 --- a/support/rewrite-hooks.sh +++ b/support/rewrite-hooks.sh @@ -15,7 +15,10 @@ do then project_hook="$src/$dir/hooks/post-receive" gitolite_hook="/home/git/gitlab-shell/hooks/post-receive" + ln -s -f $gitolite_hook $project_hook + project_hook="$src/$dir/hooks/update" + gitolite_hook="/home/git/gitlab-shell/hooks/update" ln -s -f $gitolite_hook $project_hook else for subdir in `ls "$src/$dir/"` @@ -23,7 +26,10 @@ do if [ -d "$src/$dir/$subdir" ] && [[ "$subdir" =~ ^.*.git$ ]]; then project_hook="$src/$dir/$subdir/hooks/post-receive" gitolite_hook="/home/git/gitlab-shell/hooks/post-receive" + ln -s -f $gitolite_hook $project_hook + project_hook="$src/$dir/$subdir/hooks/update" + gitolite_hook="/home/git/gitlab-shell/hooks/update" ln -s -f $gitolite_hook $project_hook fi done |