diff options
| author | Patricio Cano <suprnova32@gmail.com> | 2016-08-25 17:26:20 -0500 |
|---|---|---|
| committer | Patricio Cano <suprnova32@gmail.com> | 2016-09-15 12:21:00 -0500 |
| commit | e40e3fdc8271d1becf7952c7e30546c5abecb79b (patch) | |
| tree | d2b8ef12a133ea77c598b456d15c46ea55a1e1bd /lib | |
| parent | f8bd9625f44ae4233c14e473c57becfb7ff15ca9 (diff) | |
| download | gitlab-ce-e40e3fdc8271d1becf7952c7e30546c5abecb79b.tar.gz | |
Added LFS support to SSH
- Required on the GitLab Rails side is mostly authentication and API related.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/api/entities.rb | 2 | ||||
| -rw-r--r-- | lib/api/internal.rb | 13 | ||||
| -rw-r--r-- | lib/gitlab/auth.rb | 13 |
3 files changed, 25 insertions, 3 deletions
diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 4f736e4ec2b..b4fcacca896 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -1,7 +1,7 @@ module API module Entities class UserSafe < Grape::Entity - expose :name, :username + expose :name, :username, :lfs_token end class UserBasic < UserSafe diff --git a/lib/api/internal.rb b/lib/api/internal.rb index 6e6efece7c4..7c0a6eaa652 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -69,6 +69,10 @@ module API else project.repository.path_to_repo end + + # Return HTTP full path, so that gitlab-shell has this information + # ready for git-lfs-authenticate + response[:repository_http_path] = project.http_url_to_repo end response @@ -83,7 +87,14 @@ module API # get "/discover" do key = Key.find(params[:key_id]) - present key.user, with: Entities::UserSafe + user = key.user + if user + user.ensure_lfs_token! + present user, with: Entities::UserSafe + else + key.ensure_lfs_token! + { username: 'lfs-deploy-key', lfs_token: key.lfs_token } + end end get "/check" do diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index 91f0270818a..5446093de4d 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -79,12 +79,13 @@ module Gitlab result = user_with_password_for_git(login, password) || oauth_access_token_check(login, password) || + lfs_token_check(login, password) || personal_access_token_check(login, password) if result result.type = nil unless result.user - if result.user && result.user.two_factor_enabled? && result.type == :gitlab_or_ldap + if result.user && result.type == :gitlab_or_ldap && result.user.two_factor_enabled? result.type = :missing_personal_token end end @@ -114,6 +115,16 @@ module Gitlab Result.new(user, :personal_token) if user == validation end end + + def lfs_token_check(login, password) + if login == 'lfs-deploy-key' + key = DeployKey.find_by_lfs_token(password) + Result.new(key, :lfs_deploy_token) if key + else + user = User.find_by_lfs_token(password) + Result.new(user, :lfs_token) if user && user.username == login + end + end end end end |