Diffstat (limited to 'lib')
31 files changed, 99 insertions, 92 deletions
diff --git a/lib/api/api.rb b/lib/api/api.rb index cb46f477ff9..60858a39407 100644 --- a/lib/api/api.rb +++ b/lib/api/api.rb @@ -6,7 +6,7 @@ module API version 'v3', using: :path rescue_from ActiveRecord::RecordNotFound do - rack_response({'message' => '404 Not found'}.to_json, 404) + rack_response({ 'message' => '404 Not found' }.to_json, 404) end rescue_from :all do |exception| @@ -19,7 +19,7 @@ module API message << " " << trace.join("\n ") API.logger.add Logger::FATAL, message - rack_response({'message' => '500 Internal Server Error'}, 500) + rack_response({ 'message' => '500 Internal Server Error' }, 500) end format :json diff --git a/lib/api/api_guard.rb b/lib/api/api_guard.rb index 23975518181..b9994fcefda 100644 --- a/lib/api/api_guard.rb +++ b/lib/api/api_guard.rb @@ -47,16 +47,12 @@ module APIGuard case validate_access_token(access_token, scopes) when Oauth2::AccessTokenValidationService::INSUFFICIENT_SCOPE raise InsufficientScopeError.new(scopes) - when Oauth2::AccessTokenValidationService::EXPIRED raise ExpiredError - when Oauth2::AccessTokenValidationService::REVOKED raise RevokedError - when Oauth2::AccessTokenValidationService::VALID @current_user = User.find(access_token.resource_owner_id) - end end end @@ -120,8 +116,9 @@ module APIGuard end def oauth2_bearer_token_error_handler - Proc.new {|e| - response = case e + Proc.new do |e| + response = + case e when MissingTokenError Rack::OAuth2::Server::Resource::Bearer::Unauthorized.new @@ -146,11 +143,11 @@ module APIGuard Rack::OAuth2::Server::Resource::Bearer::Forbidden.new( :insufficient_scope, Rack::OAuth2::Server::Resource::ErrorMethods::DEFAULT_DESCRIPTION[:insufficient_scope], - { :scope => e.scopes}) + { scope: e.scopes }) end response.finish - } + end end end @@ -172,4 +169,4 @@ module APIGuard @scopes = scopes end end -end
\ No newline at end of file +end diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 96920718ab5..fa76a54c2d8 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -55,7 +55,7 @@ module API expose :path, :path_with_namespace expose :issues_enabled, :merge_requests_enabled, :wiki_enabled, :snippets_enabled, :created_at, :last_activity_at expose :namespace - expose :forked_from_project, using: Entities::ForkedFromProject, :if => lambda{ | project, options | project.forked? } + expose :forked_from_project, using: Entities::ForkedFromProject, if: lambda{ | project, options | project.forked? } end class ProjectMember < UserBasic diff --git a/lib/api/group_members.rb b/lib/api/group_members.rb index d596517c816..4373070083a 100644 --- a/lib/api/group_members.rb +++ b/lib/api/group_members.rb @@ -3,22 +3,6 @@ module API before { authenticate! } resource :groups do - helpers do - def find_group(id) - group = Group.find(id) - - if can?(current_user, :read_group, group) - group - else - render_api_error!("403 Forbidden - #{current_user.username} lacks sufficient access to #{group.name}", 403) - end - end - - def validate_access_level?(level) - Gitlab::Access.options_with_owner.values.include? level.to_i - end - end - # Get a list of group members viewable by the authenticated user. # # Example Request: diff --git a/lib/api/groups.rb b/lib/api/groups.rb index 730dfad52c8..384a28e41f5 100644 --- a/lib/api/groups.rb +++ b/lib/api/groups.rb @@ -4,22 +4,6 @@ module API before { authenticate! } resource :groups do - helpers do - def find_group(id) - group = Group.find(id) - - if can?(current_user, :read_group, group) - group - else - render_api_error!("403 Forbidden - #{current_user.username} lacks sufficient access to #{group.name}", 403) - end - end - - def validate_access_level?(level) - Gitlab::Access.options_with_owner.values.include? level.to_i - end - end - # Get a groups list # # Example Request: 
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 62c26ef76ce..be9e4280d65 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -55,6 +55,21 @@ module API end end + def find_group(id) + begin + group = Group.find(id) + rescue ActiveRecord::RecordNotFound + group = Group.find_by!(path: id) + end + + if can?(current_user, :read_group, group) + group + else + forbidden!("#{current_user.username} lacks sufficient "\ + "access to #{group.name}") + end + end + def paginate(relation) per_page = params[:per_page].to_i paginated = relation.page(params[:page]).per(per_page) @@ -135,10 +150,16 @@ module API errors end + def validate_access_level?(level) + Gitlab::Access.options_with_owner.values.include? level.to_i + end + # error helpers - def forbidden! - render_api_error!('403 Forbidden', 403) + def forbidden!(reason = nil) + message = ['403 Forbidden'] + message << " - #{reason}" if reason + render_api_error!(message.join(' '), 403) end def bad_request!(attribute) @@ -173,7 +194,7 @@ module API end def render_api_error!(message, status) - error!({'message' => message}, status) + error!({ 'message' => message }, status) end private diff --git a/lib/api/internal.rb b/lib/api/internal.rb index a999cff09c0..7a89a26facc 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -1,9 +1,7 @@ module API # Internal access API class Internal < Grape::API - before { - authenticate_by_gitlab_shell_token! - } + before { authenticate_by_gitlab_shell_token! } namespace 'internal' do # Check if git command is allowed to project diff --git a/lib/api/namespaces.rb b/lib/api/namespaces.rb index f9f2ed90ccc..b90ed6af5fb 100644 --- a/lib/api/namespaces.rb +++ b/lib/api/namespaces.rb @@ -1,10 +1,10 @@ module API # namespaces API class Namespaces < Grape::API - before { + before do authenticate! authenticated_as_admin! - } + end resource :namespaces do # Get a namespaces list 
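Review bot: In `find_group`, a caller who fails `can?(current_user, :read_group, group)` receives a 403 whose body interpolates `group.name`, so the response confirms that a group they cannot read exists and hands back its name. A missing group falls through to the `ActiveRecord::RecordNotFound` handler and returns 404, so the two cases are distinguishable, and with the added `Group.find_by!(path: id)` fallback the same check can be made by path as well as by id. I would answer the unauthorized case like the not-found case, e.g. `render_api_error!('404 Not found', 404)`, or at minimum call `forbidden!` without the group name. Separately, because `Group.find(id)` runs first, a group whose path is purely numeric would presumably be shadowed by the group with that id; a spec for that case would settle it.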
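Review bot: `forbidden!` builds `['403 Forbidden', " - #{reason}"]` and then calls `message.join(' ')`, so the rendered text is `403 Forbidden  - reason` with two spaces, not the `403 Forbidden - ...` format the removed `find_group` helpers produced. Any client or spec matching the old string will no longer match. Either append `"- #{reason}"` without the leading space, or drop the array and write `message = reason ? "403 Forbidden - #{reason}" : '403 Forbidden'`. A short comment on `forbidden!` noting that `reason` is sent to the client verbatim would also help callers avoid passing internal details.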
diff --git a/lib/api/project_members.rb b/lib/api/project_members.rb index 8e32f124ea5..1e890f9e199 100644 --- a/lib/api/project_members.rb +++ b/lib/api/project_members.rb @@ -106,7 +106,7 @@ module API unless team_member.nil? team_member.destroy else - {message: "Access revoked", id: params[:user_id].to_i} + { message: "Access revoked", id: params[:user_id].to_i } end end end diff --git a/lib/api/system_hooks.rb b/lib/api/system_hooks.rb index 3e239c5afe7..518964db50d 100644 --- a/lib/api/system_hooks.rb +++ b/lib/api/system_hooks.rb @@ -1,10 +1,10 @@ module API # Hooks API class SystemHooks < Grape::API - before { + before do authenticate! authenticated_as_admin! - } + end resource :hooks do # Get the list of system hooks diff --git a/lib/email_validator.rb b/lib/email_validator.rb index 0a67ebcd795..f509f0a5843 100644 --- a/lib/email_validator.rb +++ b/lib/email_validator.rb @@ -1,5 +1,5 @@ # Based on https://github.com/balexand/email_validator -# +# # Extended to use only strict mode with following allowed characters: # ' - apostrophe # diff --git a/lib/gitlab/access.rb b/lib/gitlab/access.rb index 411b2b9a3cc..424541b4a04 100644 --- a/lib/gitlab/access.rb +++ b/lib/gitlab/access.rb @@ -11,6 +11,11 @@ module Gitlab MASTER = 40 OWNER = 50 + # Branch protection settings + PROTECTION_NONE = 0 + PROTECTION_DEV_CAN_PUSH = 1 + PROTECTION_FULL = 2 + class << self def values options.values @@ -43,6 +48,18 @@ module Gitlab master: MASTER, } end + + def protection_options + { + "Not protected, developers and masters can (force) push and delete the branch" => PROTECTION_NONE, + "Partially protected, developers can also push but prevent all force pushes and deletion" => PROTECTION_DEV_CAN_PUSH, + "Fully protected, only masters can push and prevent all force pushes and deletion" => PROTECTION_FULL, + } + end + + def protection_values + protection_options.values + end end def human_access 
diff --git a/lib/gitlab/backend/grack_auth.rb b/lib/gitlab/backend/grack_auth.rb index 2e393f753e8..3f207c56631 100644 --- a/lib/gitlab/backend/grack_auth.rb +++ b/lib/gitlab/backend/grack_auth.rb @@ -34,7 +34,7 @@ module Grack def auth! if @auth.provided? return bad_request unless @auth.basic? - + # Authentication with username and password login, password = @auth.credentials @@ -80,11 +80,11 @@ module Grack def authenticate_user(login, password) user = Gitlab::Auth.new.find(login, password) - + unless user user = oauth_access_token_check(login, password) end - + return user if user.present? # At this point, we know the credentials were wrong. We let Rack::Attack @@ -154,7 +154,7 @@ module Grack end def render_not_found - [404, {"Content-Type" => "text/plain"}, ["Not Found"]] + [404, { "Content-Type" => "text/plain" }, ["Not Found"]] end end end diff --git a/lib/gitlab/backend/shell_adapter.rb b/lib/gitlab/backend/shell_adapter.rb index f247f4593d7..fbe2a7a0d72 100644 --- a/lib/gitlab/backend/shell_adapter.rb +++ b/lib/gitlab/backend/shell_adapter.rb @@ -9,4 +9,3 @@ module Gitlab end end end - diff --git a/lib/gitlab/current_settings.rb b/lib/gitlab/current_settings.rb index 2c5660df373..93e7edf508c 100644 --- a/lib/gitlab/current_settings.rb +++ b/lib/gitlab/current_settings.rb @@ -12,6 +12,7 @@ module Gitlab def fake_application_settings OpenStruct.new( default_projects_limit: Settings.gitlab['default_projects_limit'], + default_branch_protection: Settings.gitlab['default_branch_protection'], signup_enabled: Settings.gitlab['signup_enabled'], signin_enabled: Settings.gitlab['signin_enabled'], gravatar_enabled: Settings.gravatar['enabled'], diff --git a/lib/gitlab/diff/parser.rb b/lib/gitlab/diff/parser.rb index f7c1f20d762..887ed76b36c 100644 --- a/lib/gitlab/diff/parser.rb +++ b/lib/gitlab/diff/parser.rb @@ -4,7 +4,7 @@ module Gitlab include Enumerable def parse(lines) - @lines = lines, + @lines = lines lines_obj = [] line_obj_index = 0 line_old = 1 
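Review bot: `default_branch_protection` is read straight from `Settings.gitlab['default_branch_protection']` with no fallback in this hunk, so an installation whose config lacks the key gets `nil` here, which is none of the `PROTECTION_*` values added in lib/gitlab/access.rb. If a consumer coerces it with `to_i` it becomes 0, i.e. `PROTECTION_NONE`, the least restrictive setting. Whether a default is assigned elsewhere (an initializer, for instance) is not visible in this diff; if it is not, a fail-closed fallback such as `Settings.gitlab['default_branch_protection'] || Gitlab::Access::PROTECTION_FULL` would be safer. `fake_application_settings` continues outside the hunk.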
@@ -74,7 +74,7 @@ module Gitlab def html_escape(str) replacements = { '&' => '&', '>' => '>', '<' => '<', '"' => '"', "'" => ''' } - str.gsub(/[&"'><]/, replacements) + str.gsub(/[&"'><]/, replacements) end end end diff --git a/lib/gitlab/force_push_check.rb b/lib/gitlab/force_push_check.rb index 6ba2c3ad00a..eae9773a067 100644 --- a/lib/gitlab/force_push_check.rb +++ b/lib/gitlab/force_push_check.rb @@ -12,4 +12,3 @@ module Gitlab end end end - diff --git a/lib/gitlab/git_access.rb b/lib/gitlab/git_access.rb index ea96d04c5ab..6444cec7eb5 100644 --- a/lib/gitlab/git_access.rb +++ b/lib/gitlab/git_access.rb @@ -112,14 +112,14 @@ module Gitlab def protected_branch_action(project, oldrev, newrev, branch_name) # we dont allow force push to protected branch if forced_push?(project, oldrev, newrev) - :force_push_code_to_protected_branches - # and we dont allow remove of protected branch + :force_push_code_to_protected_branches elsif newrev == Gitlab::Git::BLANK_SHA - :remove_protected_branches + # and we dont allow remove of protected branch + :remove_protected_branches elsif project.developers_can_push_to_protected_branch?(branch_name) - :push_code + :push_code else - :push_code_to_protected_branches + :push_code_to_protected_branches end end diff --git a/lib/gitlab/git_access_status.rb b/lib/gitlab/git_access_status.rb index 3d451ecebee..5a806ff6e0d 100644 --- a/lib/gitlab/git_access_status.rb +++ b/lib/gitlab/git_access_status.rb @@ -9,7 +9,7 @@ module Gitlab end def to_json - {status: @status, message: @message}.to_json + { status: @status, message: @message }.to_json end end -end
\ No newline at end of file +end diff --git a/lib/gitlab/github/importer.rb b/lib/gitlab/github/importer.rb index c72a1c25e9e..9f0fc6c4471 100644 --- a/lib/gitlab/github/importer.rb +++ b/lib/gitlab/github/importer.rb @@ -9,12 +9,12 @@ module Gitlab def execute client = octo_client(project.creator.github_access_token) - + #Issues && Comments client.list_issues(project.import_source, state: :all).each do |issue| if issue.pull_request.nil? body = "*Created by: #{issue.user.login}*\n\n#{issue.body}" - + if issue.comments > 0 body += "\n\n\n**Imported comments:**\n" client.issue_comments(project.import_source, issue.number).each do |c| @@ -23,7 +23,7 @@ module Gitlab end project.issues.create!( - description: body, + description: body, title: issue.title, state: issue.state == 'closed' ? 'closed' : 'opened', author_id: gl_user_id(project, issue.user.id) @@ -36,7 +36,7 @@ module Gitlab def octo_client(access_token) ::Octokit.auto_paginate = true - ::Octokit::Client.new(:access_token => access_token) + ::Octokit::Client.new(access_token: access_token) end def gl_user_id(project, github_id) diff --git a/lib/gitlab/ldap/adapter.rb b/lib/gitlab/ldap/adapter.rb index 256cdb4c2f1..577a890a7d9 100644 --- a/lib/gitlab/ldap/adapter.rb +++ b/lib/gitlab/ldap/adapter.rb @@ -63,8 +63,10 @@ module Gitlab end def dn_matches_filter?(dn, filter) - ldap_search(base: dn, filter: filter, - scope: Net::LDAP::SearchScope_BaseObject, attributes: %w{dn}).any? + ldap_search(base: dn, + filter: filter, + scope: Net::LDAP::SearchScope_BaseObject, + attributes: %w{dn}).any? end def ldap_search(*args) diff --git a/lib/gitlab/satellite/action.rb b/lib/gitlab/satellite/action.rb index be45cb5c98e..4890ccf21e6 100644 --- a/lib/gitlab/satellite/action.rb +++ b/lib/gitlab/satellite/action.rb @@ -44,7 +44,7 @@ module Gitlab end def default_options(options = {}) - {raise: true, timeout: true}.merge(options) + { raise: true, timeout: true }.merge(options) end def handle_exception(exception) 
diff --git a/lib/gitlab/satellite/files/delete_file_action.rb b/lib/gitlab/satellite/files/delete_file_action.rb index 30462999aa3..0d37b9dea85 100644 --- a/lib/gitlab/satellite/files/delete_file_action.rb +++ b/lib/gitlab/satellite/files/delete_file_action.rb @@ -13,7 +13,7 @@ module Gitlab prepare_satellite!(repo) # create target branch in satellite at the corresponding commit from bare repo - repo.git.checkout({raise: true, timeout: true, b: true}, ref, "origin/#{ref}") + repo.git.checkout({ raise: true, timeout: true, b: true }, ref, "origin/#{ref}") # update the file in the satellite's working dir file_path_in_satellite = File.join(repo.working_dir, file_path) @@ -36,7 +36,7 @@ module Gitlab # push commit back to bare repo # will raise CommandFailed when push fails - repo.git.push({raise: true, timeout: true}, :origin, ref) + repo.git.push({ raise: true, timeout: true }, :origin, ref) # everything worked true diff --git a/lib/gitlab/satellite/files/edit_file_action.rb b/lib/gitlab/satellite/files/edit_file_action.rb index cbdf70f7d12..2834b722b27 100644 --- a/lib/gitlab/satellite/files/edit_file_action.rb +++ b/lib/gitlab/satellite/files/edit_file_action.rb @@ -15,7 +15,7 @@ module Gitlab prepare_satellite!(repo) # create target branch in satellite at the corresponding commit from bare repo - repo.git.checkout({raise: true, timeout: true, b: true}, ref, "origin/#{ref}") + repo.git.checkout({ raise: true, timeout: true, b: true }, ref, "origin/#{ref}") # update the file in the satellite's working dir file_path_in_satellite = File.join(repo.working_dir, file_path) @@ -36,7 +36,7 @@ module Gitlab # push commit back to bare repo # will raise CommandFailed when push fails - repo.git.push({raise: true, timeout: true}, :origin, ref) + repo.git.push({ raise: true, timeout: true }, :origin, ref) # everything worked true diff --git a/lib/gitlab/satellite/files/new_file_action.rb b/lib/gitlab/satellite/files/new_file_action.rb index 5b657c7aba2..69f7ffa94e4 100644 
--- a/lib/gitlab/satellite/files/new_file_action.rb +++ b/lib/gitlab/satellite/files/new_file_action.rb @@ -19,7 +19,7 @@ module Gitlab # skip this step if we want to add first file to empty repo Satellite::PARKING_BRANCH else - repo.git.checkout({raise: true, timeout: true, b: true}, ref, "origin/#{ref}") + repo.git.checkout({ raise: true, timeout: true, b: true }, ref, "origin/#{ref}") ref end @@ -47,7 +47,7 @@ module Gitlab # push commit back to bare repo # will raise CommandFailed when push fails - repo.git.push({raise: true, timeout: true}, :origin, "#{current_ref}:#{ref}") + repo.git.push({ raise: true, timeout: true }, :origin, "#{current_ref}:#{ref}") # everything worked true diff --git a/lib/gitlab/satellite/merge_action.rb b/lib/gitlab/satellite/merge_action.rb index e9141f735aa..25122666f5e 100644 --- a/lib/gitlab/satellite/merge_action.rb +++ b/lib/gitlab/satellite/merge_action.rb @@ -86,7 +86,7 @@ module Gitlab in_locked_and_timed_satellite do |merge_repo| prepare_satellite!(merge_repo) update_satellite_source_and_target!(merge_repo) - patch = merge_repo.git.format_patch(default_options({stdout: true}), "origin/#{merge_request.target_branch}..source/#{merge_request.source_branch}") + patch = merge_repo.git.format_patch(default_options({ stdout: true }), "origin/#{merge_request.target_branch}..source/#{merge_request.source_branch}") end rescue Grit::Git::CommandFailed => ex handle_exception(ex) @@ -128,7 +128,7 @@ module Gitlab # merge the source branch into the satellite # will raise CommandFailed when merge fails - repo.git.merge(default_options({no_ff: true}), "-m#{message}", "source/#{merge_request.source_branch}") + repo.git.merge(default_options({ no_ff: true }), "-m#{message}", "source/#{merge_request.source_branch}") rescue Grit::Git::CommandFailed => ex handle_exception(ex) end 
@@ -137,7 +137,7 @@ module Gitlab def update_satellite_source_and_target!(repo) repo.remote_add('source', merge_request.source_project.repository.path_to_repo) repo.remote_fetch('source') - repo.git.checkout(default_options({b: true}), merge_request.target_branch, "origin/#{merge_request.target_branch}") + repo.git.checkout(default_options({ b: true }), merge_request.target_branch, "origin/#{merge_request.target_branch}") rescue Grit::Git::CommandFailed => ex handle_exception(ex) end diff --git a/lib/gitlab/satellite/satellite.rb b/lib/gitlab/satellite/satellite.rb index 1de84309d15..62d1bb364d3 100644 --- a/lib/gitlab/satellite/satellite.rb +++ b/lib/gitlab/satellite/satellite.rb @@ -98,13 +98,13 @@ module Gitlab if heads.include? PARKING_BRANCH repo.git.checkout({}, PARKING_BRANCH) else - repo.git.checkout(default_options({b: true}), PARKING_BRANCH) + repo.git.checkout(default_options({ b: true }), PARKING_BRANCH) end # remove the parking branch from the list of heads ... heads.delete(PARKING_BRANCH) # ... and delete all others - heads.each { |head| repo.git.branch(default_options({D: true}), head) } + heads.each { |head| repo.git.branch(default_options({ D: true }), head) } end # Deletes all remotes except origin @@ -126,7 +126,7 @@ module Gitlab end def default_options(options = {}) - {raise: true, timeout: true}.merge(options) + { raise: true, timeout: true }.merge(options) end # Create directory for storing diff --git a/lib/gitlab/upgrader.rb b/lib/gitlab/upgrader.rb index 74b049b5143..0570c2fbeb5 100644 --- a/lib/gitlab/upgrader.rb +++ b/lib/gitlab/upgrader.rb @@ -62,7 +62,7 @@ module Gitlab end def env - {'RAILS_ENV' => 'production'} + { 'RAILS_ENV' => 'production' } end def upgrade diff --git a/lib/tasks/gitlab/test.rake b/lib/tasks/gitlab/test.rake index c01b00bd1c0..b4076f8238f 100644 --- a/lib/tasks/gitlab/test.rake +++ b/lib/tasks/gitlab/test.rake 
@@ -2,6 +2,7 @@ namespace :gitlab do desc "GITLAB | Run all tests" task :test do cmds = [ + %W(rake rubocop), %W(rake spinach), %W(rake spec), %W(rake jasmine:ci) diff --git a/lib/tasks/rubocop.rake b/lib/tasks/rubocop.rake new file mode 100644 index 00000000000..ddfaf5d51f2 --- /dev/null +++ b/lib/tasks/rubocop.rake @@ -0,0 +1,4 @@ +unless Rails.env.production? + require 'rubocop/rake_task' + RuboCop::RakeTask.new +end diff --git a/lib/tasks/test.rake b/lib/tasks/test.rake index 583f4a876da..3ea9290a814 100644 --- a/lib/tasks/test.rake +++ b/lib/tasks/test.rake @@ -9,5 +9,5 @@ unless Rails.env.production? require 'coveralls/rake/task' Coveralls::RakeTask.new desc "GITLAB | Run all tests on CI with simplecov" - task :test_ci => [:spinach, :spec, 'coveralls:push'] + task :test_ci => [:rubocop, :spinach, :spec, 'coveralls:push'] end |