diff options
| author | Michael Kozono <mkozono@gmail.com> | 2017-05-09 12:36:25 -0700 |
|---|---|---|
| committer | Michael Kozono <mkozono@gmail.com> | 2017-05-10 11:59:23 -0700 |
| commit | a9891b4b7a2f53be09b382cb90dd165a4e1337da (patch) | |
| tree | 9c856ce47ce002639c94cc2bc93ae952cd5102cd /app | |
| parent | 1050451bfd064d06bff8152ac5dec878d1f059b7 (diff) | |
| download | gitlab-ce-mk-add-project-moved-errors-for-git.tar.gz | |
Render GitAccess error message if authenticatedmk-add-project-moved-errors-for-git
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/projects/git_http_client_controller.rb | 15 | ||||
| -rw-r--r-- | app/controllers/projects/git_http_controller.rb | 12 |
2 files changed, 13 insertions, 14 deletions
diff --git a/app/controllers/projects/git_http_client_controller.rb b/app/controllers/projects/git_http_client_controller.rb index 9a1bf037a95..4d897db5906 100644 --- a/app/controllers/projects/git_http_client_controller.rb +++ b/app/controllers/projects/git_http_client_controller.rb @@ -75,13 +75,16 @@ class Projects::GitHttpClientController < Projects::ApplicationController def project return @project if defined?(@project) + @project = Project.find_by_full_path(requested_path, follow_redirects: true) + end + + def redirected_path + requested_path if project.full_path != requested_path + end + + def requested_path project_id, _ = project_id_with_suffix - @project = - if project_id.blank? - nil - else - Project.find_by_full_path("#{params[:namespace_id]}/#{project_id}") - end + "#{params[:namespace_id]}/#{project_id}" end # This method returns two values so that we can parse diff --git a/app/controllers/projects/git_http_controller.rb b/app/controllers/projects/git_http_controller.rb index 9e4edcae101..b586e1d5ecb 100644 --- a/app/controllers/projects/git_http_controller.rb +++ b/app/controllers/projects/git_http_controller.rb @@ -11,7 +11,7 @@ class Projects::GitHttpController < Projects::GitHttpClientController elsif receive_pack? && receive_pack_allowed? render_ok elsif http_blocked? - render_http_not_allowed + render_git_access_error_message else render_denied end @@ -62,23 +62,19 @@ class Projects::GitHttpController < Projects::GitHttpClientController render json: Gitlab::Workhorse.git_http_ok(repository, wiki?, user, action_name) end - def render_http_not_allowed + def render_git_access_error_message render plain: access_check.message, status: :forbidden end def render_denied if user && can?(user, :read_project, project) - render plain: access_denied_message, status: :forbidden + render_git_access_error_message else # Do not leak information about project existence render_not_found end end - def access_denied_message - 'Access denied' - end - def upload_pack_allowed? return false unless Gitlab.config.gitlab_shell.upload_pack @@ -86,7 +82,7 @@ class Projects::GitHttpController < Projects::GitHttpClientController end def access - @access ||= access_klass.new(user, project, 'http', authentication_abilities: authentication_abilities) + @access ||= access_klass.new(user, project, 'http', authentication_abilities: authentication_abilities, redirected_path: redirected_path) end def access_check |