1 files changed, 26 insertions, 8 deletions

diff --git a/lib/gitlab_shell.rb b/lib/gitlab_shell.rb
index 496f3a1..aeea0da 100644
--- a/lib/gitlab_shell.rb
+++ b/lib/gitlab_shell.rb
@@ -8,7 +8,9 @@ class GitlabShell
   def initialize
     @key_id = ARGV.shift
     @origin_cmd = ENV['SSH_ORIGINAL_COMMAND']
-    @repos_path = GitlabConfig.new.repos_path
+    @config = GitlabConfig.new
+    @repos_path = @config.repos_path
+    @user_tried = false
   end
 
   def exec
@@ -21,19 +23,16 @@ class GitlabShell
         if validate_access
           process_cmd
         else
-          message = "gitlab-shell: Access denied for git command <#{@origin_cmd}>"
-          message << " by user with key #{@key_id}."
+          message = "gitlab-shell: Access denied for git command <#{@origin_cmd}> by #{log_username}."
           $logger.warn message
         end
       else
-        message = "gitlab-shell: Attempt to execute disallowed command "
-        message << "<#{@origin_cmd}> by user with key #{@key_id}."
+        message = "gitlab-shell: Attempt to execute disallowed command <#{@origin_cmd}> by #{log_username}."
         $logger.warn message
         puts 'Not allowed command'
       end
     else
-      user = api.discover(@key_id)
-      puts "Welcome to GitLab, #{user && user['name'] || 'Anonymous'}!"
+      puts "Welcome to GitLab, #{username}!"
     end
   end
 
@@ -52,7 +51,7 @@ class GitlabShell
   def process_cmd
     repo_full_path = File.join(repos_path, repo_name)
     cmd = "#{@git_cmd} #{repo_full_path}"
-    $logger.info "gitlab-shell: executing git command <#{cmd}> for user with key #{@key_id}."
+    $logger.info "gitlab-shell: executing git command <#{cmd}> for #{log_username}."
     exec_cmd(cmd)
   end
 
@@ -67,4 +66,23 @@ class GitlabShell
   def api
     GitlabNet.new
   end
+
+  def user
+    # Can't use "@user ||=" because that will keep hitting the API when @user is really nil!
+    if @user_tried
+      @user
+    else
+      @user_tried = true
+      @user = api.discover(@key_id)
+    end
+  end
+
+  def username
+    user && user['name'] || 'Anonymous'
+  end
+
+  # User identifier to be used in log messages.
+  def log_username
+    @config.audit_usernames ? username : "user with key #{@key_id}"
+  end
 end