From e0d62d9c5fa1145ef5378db07f28c3d399e9c34d Mon Sep 17 00:00:00 2001 From: Cameron Yule Date: Sat, 2 Feb 2013 20:04:07 +0000 Subject: Replacing the manual parsing of the /etc/group file with the equivalent call from the Etc class in the Ruby standard library. This has the benefit of supporting additional platforms (e.g. OS X). --- lib/tasks/gitlab/task_helpers.rake | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/tasks/gitlab/task_helpers.rake b/lib/tasks/gitlab/task_helpers.rake index d494125f76c..cb4e34cc0d7 100644 --- a/lib/tasks/gitlab/task_helpers.rake +++ b/lib/tasks/gitlab/task_helpers.rake @@ -77,8 +77,7 @@ namespace :gitlab do end def gid_for(group_name) - group_line = File.read("/etc/group").lines.select{|l| l.start_with?("#{group_name}:")}.first - group_line.split(":")[2].to_i + Etc.getgrnam(group_name).gid end def warn_user_is_not_gitlab -- cgit v1.2.1 From b698094d4dcd1558bfcc1611d3572297dd11ae1e Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Thu, 14 Feb 2013 14:00:02 +0200 Subject: Update post-receive worker to use correct identifier --- lib/gitlab/backend/grack_auth.rb | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'lib') diff --git a/lib/gitlab/backend/grack_auth.rb b/lib/gitlab/backend/grack_auth.rb index a2d15d57034..8fcafe4ea9d 100644 --- a/lib/gitlab/backend/grack_auth.rb +++ b/lib/gitlab/backend/grack_auth.rb @@ -7,9 +7,6 @@ module Grack @request = Rack::Request.new(env) @auth = Request.new(env) - # Pass Gitolite update hook - ENV['GL_BYPASS_UPDATE_HOOK'] = "true" - # Need this patch due to the rails mount @env['PATH_INFO'] = @request.path @env['SCRIPT_NAME'] = "" 
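Review bot: `Etc.getgrnam(group_name)` raises `ArgumentError` when the group does not exist, so `gid_for` still fails with an exception for an unknown group, only a different one from the old `nil.split` path. If callers are meant to report a missing group cleanly, rescue it here or document the raise with a comment such as `# Raises ArgumentError if group_name is not a known group`. No `require 'etc'` is visible in this hunk, so confirm the library is loaded before the rake task runs. The surrounding namespace continues outside the hunk.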
@@ -35,8 +32,8 @@ module Grack self.user = User.find_by_email(login) || User.find_by_username(login) return false unless user.try(:valid_password?, password) - # Set GL_USER env variable - ENV['GL_USER'] = user.email + # Set GL_ID env variable + ENV['GL_ID'] = "user-#{user.id}" end # Git upload and receive -- cgit v1.2.1 From 49cf9badbce730c053496306778b801d596658af Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Thu, 14 Feb 2013 15:17:43 +0200 Subject: Gitlab::ShellEnv added --- lib/gitlab/backend/grack_auth.rb | 3 +-- lib/gitlab/backend/shell.rb | 1 - lib/gitlab/backend/shell_env.rb | 17 +++++++++++++++++ lib/gitlab/satellite/action.rb | 4 ++++ 4 files changed, 22 insertions(+), 3 deletions(-) create mode 100644 lib/gitlab/backend/shell_env.rb (limited to 'lib') diff --git a/lib/gitlab/backend/grack_auth.rb b/lib/gitlab/backend/grack_auth.rb index 8fcafe4ea9d..1e858701396 100644 --- a/lib/gitlab/backend/grack_auth.rb +++ b/lib/gitlab/backend/grack_auth.rb @@ -32,8 +32,7 @@ module Grack self.user = User.find_by_email(login) || User.find_by_username(login) return false unless user.try(:valid_password?, password) - # Set GL_ID env variable - ENV['GL_ID'] = "user-#{user.id}" + Gitlab::ShellEnv.set_env(user) end # Git upload and receive diff --git a/lib/gitlab/backend/shell.rb b/lib/gitlab/backend/shell.rb index 85fa5bda055..b7b92e86a87 100644 --- a/lib/gitlab/backend/shell.rb +++ b/lib/gitlab/backend/shell.rb @@ -53,7 +53,6 @@ module Gitlab system("/home/git/gitlab-shell/bin/gitlab-keys rm-key #{key_id} \"#{key_content}\"") end - def url_to_repo path Gitlab.config.gitlab_shell.ssh_path_prefix + "#{path}.git" end diff --git a/lib/gitlab/backend/shell_env.rb b/lib/gitlab/backend/shell_env.rb new file mode 100644 index 00000000000..15721875093 --- /dev/null +++ b/lib/gitlab/backend/shell_env.rb 
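Review bot: `ENV['GL_ID'] = "user-#{user.id}"` writes the authenticated identity into process-wide state, so on a multi-threaded application server two concurrent Git-over-HTTP requests can overwrite each other's value and the hooks that read `GL_ID` may attribute a push to the wrong user. The value also stays set after the request finishes unless something outside the hunk clears it. Where the Grack call path allows it, hand the identifier to the spawned git process through that process's own environment instead of mutating `ENV`. The same concern carries over to `Gitlab::ShellEnv.set_env(user)` in the following commit's grack_auth.rb hunk, where no matching `reset_env` is in view. The enclosing method starts outside the hunk.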
@@ -0,0 +1,17 @@ +module Gitlab + # This module provide 2 methods + # to set specific ENV variabled for GitLab Shell + module ShellEnv + extend self + + def set_env(user) + # Set GL_ID env variable + ENV['GL_ID'] = "user-#{user.id}" + end + + def reset_env + # Reset GL_ID env variable + ENV['GL_ID'] = nil + end + end +end diff --git a/lib/gitlab/satellite/action.rb b/lib/gitlab/satellite/action.rb index ed2541f3998..63303ca3de1 100644 --- a/lib/gitlab/satellite/action.rb +++ b/lib/gitlab/satellite/action.rb @@ -17,6 +17,8 @@ module Gitlab # * Locks the satellite repo # * Yields the prepared satellite repo def in_locked_and_timed_satellite + Gitlab::ShellEnv.set_env(user) + Grit::Git.with_timeout(options[:git_timeout]) do project.satellite.lock do return yield project.satellite.repo @@ -28,6 +30,8 @@ module Gitlab rescue Grit::Git::GitTimeout => ex Gitlab::GitLogger.error(ex.message) return false + ensure + Gitlab::ShellEnv.reset_env end # * Clears the satellite -- cgit v1.2.1 From c9ca15e8d6d77b12f6cba3dfccce1427ba760d39 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Thu, 14 Feb 2013 15:25:55 +0200 Subject: require missing lib --- lib/gitlab/backend/grack_auth.rb | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lib') diff --git a/lib/gitlab/backend/grack_auth.rb b/lib/gitlab/backend/grack_auth.rb index 1e858701396..abbee6132d3 100644 --- a/lib/gitlab/backend/grack_auth.rb +++ b/lib/gitlab/backend/grack_auth.rb @@ -1,3 +1,5 @@ +require_relative 'shell_env' + module Grack class Auth < Rack::Auth::Basic attr_accessor :user, :project -- cgit v1.2.1 From 08dfbc962b9263662a188cbd71ebf39e6223e721 Mon Sep 17 00:00:00 2001 From: Bhagavan Das Date: Thu, 14 Feb 2013 21:39:48 +0000 Subject: rename setup to setup_db so that it does not collide with gitlab:shell:setup task --- lib/tasks/gitlab/setup.rake | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib') 
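Review bot: `set_env` and `reset_env` are only safe when every caller pairs them, and the module offers no way to enforce that. In this commit `in_locked_and_timed_satellite` adds an `ensure`, while the grack_auth.rb call site sets `GL_ID` with no reset in view. A block-taking helper would keep the identity scoped to the work that needs it and clear it on every exit path. The header comment also has typos (`provide`, `variabled`) and could say that `GL_ID` is process-global.

```ruby
  module ShellEnv
    extend self

    # … unchanged: set_env, reset_env …

    # Runs the block with GL_ID set for `user` and always clears it afterwards,
    # including when the block raises or returns early.
    def with_env(user)
      set_env(user)
      yield
    ensure
      reset_env
    end
```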
diff --git a/lib/tasks/gitlab/setup.rake b/lib/tasks/gitlab/setup.rake index bc0742564d0..8d4950cf396 100644 --- a/lib/tasks/gitlab/setup.rake +++ b/lib/tasks/gitlab/setup.rake @@ -1,10 +1,10 @@ namespace :gitlab do desc "GITLAB | Setup production application" task :setup => :environment do - setup + setup_db end - def setup + def setup_db warn_user_is_not_gitlab puts "This will create the necessary database tables and seed the database." -- cgit v1.2.1 From 4bc7d98d65a84d037d6d8ddc807cdf0ceeb5a456 Mon Sep 17 00:00:00 2001 From: Bhagavan Das Date: Thu, 14 Feb 2013 23:10:18 +0000 Subject: Remove hardcoded refernce to gitlab-shell home. so that gitlab can be installed on any unix account other than git --- lib/gitlab/backend/shell.rb | 15 ++++++++++----- lib/tasks/gitlab/shell.rake | 5 +++-- 2 files changed, 13 insertions(+), 7 deletions(-) (limited to 'lib') diff --git a/lib/gitlab/backend/shell.rb b/lib/gitlab/backend/shell.rb index b7b92e86a87..9ea08ccbdbf 100644 --- a/lib/gitlab/backend/shell.rb +++ b/lib/gitlab/backend/shell.rb @@ -10,7 +10,7 @@ module Gitlab # add_repository("gitlab/gitlab-ci") # def add_repository(name) - system("/home/git/gitlab-shell/bin/gitlab-projects add-project #{name}.git") + system("#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects add-project #{name}.git") end # Import repository @@ -21,7 +21,7 @@ module Gitlab # import_repository("gitlab/gitlab-ci", "https://github.com/randx/six.git") # def import_repository(name, url) - system("/home/git/gitlab-shell/bin/gitlab-projects import-project #{name}.git #{url}") + system("#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects import-project #{name}.git #{url}") end # Remove repository from file system 
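Review bot: The rewritten `system("#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects add-project #{name}.git")` in `add_repository` still builds a single shell string, so `name` and the newly interpolated home path are parsed by the shell, and spaces or shell metacharacters in either change the command that runs. The multi-argument form bypasses the shell: `system("#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects", "add-project", "#{name}.git")`. The same applies to `import_repository` (whose `url` presumably comes from user input), `remove_repository`, `add_key` and `remove_key` in the other hunks of this file. For the key methods, the `\"#{key_content}\"` quoting does not neutralise embedded quotes or command substitution. The enclosing class starts outside the hunk.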
@@ -32,7 +32,7 @@ module Gitlab # remove_repository("gitlab/gitlab-ci") # def remove_repository(name) - system("/home/git/gitlab-shell/bin/gitlab-projects rm-project #{name}.git") + system("#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-projects rm-project #{name}.git") end # Add new key to gitlab-shell @@ -41,7 +41,7 @@ module Gitlab # add_key("key-42", "sha-rsa ...") # def add_key(key_id, key_content) - system("/home/git/gitlab-shell/bin/gitlab-keys add-key #{key_id} \"#{key_content}\"") + system("#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-keys add-key #{key_id} \"#{key_content}\"") end # Remove ssh key from gitlab shell @@ -50,11 +50,16 @@ module Gitlab # remove_key("key-342", "sha-rsa ...") # def remove_key(key_id, key_content) - system("/home/git/gitlab-shell/bin/gitlab-keys rm-key #{key_id} \"#{key_content}\"") + system("#{gitlab_shell_user_home}/gitlab-shell/bin/gitlab-keys rm-key #{key_id} \"#{key_content}\"") end def url_to_repo path Gitlab.config.gitlab_shell.ssh_path_prefix + "#{path}.git" end + + def gitlab_shell_user_home + File.expand_path("~#{Gitlab.config.gitlab_shell.ssh_user}") + end + end end diff --git a/lib/tasks/gitlab/shell.rake b/lib/tasks/gitlab/shell.rake index 0ab8df1d094..ec5451dd47c 100644 --- a/lib/tasks/gitlab/shell.rake +++ b/lib/tasks/gitlab/shell.rake 
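Review bot: `gitlab_shell_user_home` is added after `url_to_repo` with no `private` marker in view, so it joins the public interface of the class, and unlike the methods above it has no comment. `File.expand_path` with a `~user` argument raises `ArgumentError` when the configured account does not exist, which would then surface from every repository and key operation. A doc comment such as `# Home directory of the gitlab-shell system user; raises ArgumentError if the user is unknown` would record that. The value is recomputed on each call and could be memoized with `@gitlab_shell_user_home ||= File.expand_path("~#{Gitlab.config.gitlab_shell.ssh_user}")`.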
@@ -25,12 +25,13 @@ namespace :gitlab do def setup warn_user_is_not_gitlab + gitlab_shell_authorized_keys = File.join(File.expand_path("~#{Gitlab.config.gitlab_shell.ssh_user}"),'.ssh/authorized_keys') puts "This will rebuild an authorized_keys file." - puts "You will lose any data stored in /home/git/.ssh/authorized_keys." + puts "You will lose any data stored in #{gitlab_shell_authorized_keys}." ask_to_continue puts "" - system("echo '# Managed by gitlab-shell' > /home/git/.ssh/authorized_keys") + system("echo '# Managed by gitlab-shell' > #{gitlab_shell_authorized_keys}") Key.find_each(batch_size: 1000) do |key| if Gitlab::Shell.new.add_key(key.shell_id, key.key) -- cgit v1.2.1 From bbd1bfd1558c32a4210a554e5e6fcc35d58e4052 Mon Sep 17 00:00:00 2001 From: livedata Date: Fri, 15 Feb 2013 15:37:06 +0100 Subject: fixed API access to the project --- lib/api/entities.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index c1873d87b55..2cd8aa6c265 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -20,7 +20,7 @@ module Gitlab class Project < Grape::Entity expose :id, :name, :description, :default_branch expose :owner, using: Entities::UserBasic - expose :private_flag, as: :private + expose :public, as: :private expose :path, :path_with_namespace expose :issues_enabled, :merge_requests_enabled, :wall_enabled, :wiki_enabled, :created_at expose :namespace -- cgit v1.2.1 From b7297285369171c95b006e49d6da7bc84b969fc8 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Sat, 16 Feb 2013 14:42:22 +0200 Subject: uppercase Gitlab version and revision constants. check api return gitlab version now --- lib/api/internal.rb | 4 +++- lib/tasks/gitlab/info.rake | 4 ++-- 2 files changed, 5 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/api/internal.rb b/lib/api/internal.rb index 3e5e3a478ba..5d74a761c05 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb 
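Review bot: `system("echo '# Managed by gitlab-shell' > #{gitlab_shell_authorized_keys}")` interpolates a config-derived path into a shell redirect, so a home directory containing spaces or shell metacharacters breaks or alters the command. Writing the file from Ruby avoids the shell: `File.open(gitlab_shell_authorized_keys, 'w') { |f| f.puts '# Managed by gitlab-shell' }`. The path expansion also duplicates `gitlab_shell_user_home` from lib/gitlab/backend/shell.rb in the same commit, and a shared helper would keep the two from drifting. Because this file controls SSH access, confirm the rebuilt file keeps owner-only permissions. The `setup` method continues outside the hunk.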
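Review bot: `expose :public, as: :private` publishes the value of `public` under the key `private`, so a public project is reported with `private` true and a private one with `private` false. API clients that use this field to decide how to treat a project would get the opposite answer. If the key must stay, a block in the style this file already uses would negate it, for example `expose(:private) { |project, options| !project.public }`. The later commit on this page ("Fix private flag for project") instead exposes the field as `public`. The class continues outside the hunk.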
@@ -40,7 +40,9 @@ module Gitlab get "/check" do { - api_version: '3' + api_version: Gitlab::API.version, + gitlab_version: Gitlab::VERSION, + gitlab_rev: Gitlab::REVISION, } end end diff --git a/lib/tasks/gitlab/info.rake b/lib/tasks/gitlab/info.rake index c44016ef6e8..091de6ee6d5 100644 --- a/lib/tasks/gitlab/info.rake +++ b/lib/tasks/gitlab/info.rake @@ -40,8 +40,8 @@ namespace :gitlab do puts "" puts "GitLab information".yellow - puts "Version:\t#{Gitlab::Version}" - puts "Revision:\t#{Gitlab::Revision}" + puts "Version:\t#{Gitlab::VERSION}" + puts "Revision:\t#{Gitlab::REVISION}" puts "Directory:\t#{Rails.root}" puts "DB Adapter:\t#{database_adapter}" puts "URL:\t\t#{Gitlab.config.gitlab.url}" -- cgit v1.2.1 From e9d3b9659525c23a1d8c3b755c792040a5b41148 Mon Sep 17 00:00:00 2001 From: Sebastian Ziebell Date: Sat, 16 Feb 2013 14:42:49 +0100 Subject: API: fixes visibility of project hook When a user is not authorized to see the list of hooks for a project, he is still able to access the hooks separately. For example if access to `GET /projects/:id/hooks` fails and returns a `403 Unauthorized` error it is still possible to access a hook directly via `GET /projects/:id/hooks/:hook_id`. Fixes access, also added tests to check access and status codes of hooks. --- lib/api/projects.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'lib') diff --git a/lib/api/projects.rb b/lib/api/projects.rb index d416121a78a..921aa237f26 100644 --- a/lib/api/projects.rb +++ b/lib/api/projects.rb @@ -155,6 +155,7 @@ module Gitlab # Example Request: # GET /projects/:id/hooks/:hook_id get ":id/hooks/:hook_id" do + authorize! :admin_project, user_project @hook = user_project.hooks.find(params[:hook_id]) present @hook, with: Entities::Hook end -- cgit v1.2.1 From 020078663e401798d199a1a293ac59d990f81dad Mon Sep 17 00:00:00 2001 
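Review bot: The `/check` response now includes `gitlab_version` and `gitlab_rev`, which lets any caller who can reach this route identify the exact build. No authentication or network restriction is visible in the hunk, so confirm the internal API is reachable only by gitlab-shell before exposing these fields. A short comment on the route, such as `# Internal use only: reports version and revision to gitlab-shell`, would make the intent explicit. The enclosing block starts outside the hunk.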
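Review bot: The doc comment above `get ":id/hooks/:hook_id"` still does not say which permission the route requires, even though the new `authorize! :admin_project, user_project` line now enforces one. Adding `# Requires admin_project permission on the project` to the comment block would document it. Per-route checks are easy to omit on the next endpoint, so verify that the create, update and delete hook routes outside this hunk carry the same `authorize!` call.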
From: Dmitriy Zaporozhets Date: Mon, 18 Feb 2013 09:28:18 +0200 Subject: Prevent xss attack over group name. Added regex validation for group and team name --- lib/gitlab/regex.rb | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'lib') diff --git a/lib/gitlab/regex.rb b/lib/gitlab/regex.rb index 483042205ea..5eeb7c80184 100644 --- a/lib/gitlab/regex.rb +++ b/lib/gitlab/regex.rb @@ -10,6 +10,10 @@ module Gitlab /\A[a-zA-Z][a-zA-Z0-9_\-\. ]*\z/ end + def name_regex + /\A[a-zA-Z0-9_\-\. ]*\z/ + end + def path_regex default_regex end -- cgit v1.2.1 From 29f70acc987abe0b188ef187c70f179088d79589 Mon Sep 17 00:00:00 2001 From: Andrew8xx8 Date: Mon, 18 Feb 2013 13:07:49 +0400 Subject: Merge Request uses StateMachine now --- lib/api/entities.rb | 2 +- lib/api/merge_requests.rb | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'lib') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 2cd8aa6c265..8d965b6066e 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -81,7 +81,7 @@ module Gitlab end class MergeRequest < Grape::Entity - expose :id, :target_branch, :source_branch, :project_id, :title, :closed, :merged + expose :id, :target_branch, :source_branch, :project_id, :title, :state expose :author, :assignee, using: Entities::UserBasic end diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb index 470cd1e1c2d..7f763eb49d5 100644 --- a/lib/api/merge_requests.rb +++ b/lib/api/merge_requests.rb 
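Review bot: `name_regex` uses `*`, so the empty string and names made only of spaces or dots pass. `/\A[a-zA-Z0-9_\-\. ]+\z/` would require at least one character, unless presence is validated elsewhere. Validation on save also covers only names written after this change; rows stored earlier keep whatever markup they contain, so the views that print group and team names still need to escape output for the XSS fix to hold. A one-line comment above the method, e.g. `# Allowed characters for group and team names`, would document its purpose. The module continues outside the hunk.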
@@ -73,12 +73,12 @@ module Gitlab # target_branch - The target branch # assignee_id - Assignee user ID # title - Title of MR - # closed - Status of MR. true - closed + # state_event - Status of MR. (close|reopen|merge) # Example: # PUT /projects/:id/merge_request/:merge_request_id # put ":id/merge_request/:merge_request_id" do - attrs = attributes_for_keys [:source_branch, :target_branch, :assignee_id, :title, :closed] + attrs = attributes_for_keys [:source_branch, :target_branch, :assignee_id, :title, :state_event] merge_request = user_project.merge_requests.find(params[:merge_request_id]) authorize! :modify_merge_request, merge_request -- cgit v1.2.1 From 0b512af803d007852bcba40c75203e0e45dda177 Mon Sep 17 00:00:00 2001 From: Andrew8xx8 Date: Mon, 18 Feb 2013 13:10:09 +0400 Subject: Milestone uses StateMachine now --- lib/api/milestones.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'lib') diff --git a/lib/api/milestones.rb b/lib/api/milestones.rb index 6aca9d01b09..eaf0d37c18b 100644 --- a/lib/api/milestones.rb +++ b/lib/api/milestones.rb @@ -59,14 +59,14 @@ module Gitlab # title (optional) - The title of a milestone # description (optional) - The description of a milestone # due_date (optional) - The due date of a milestone - # closed (optional) - The status of the milestone + # state (optional) - The status of the milestone (close|activate) # Example Request: # PUT /projects/:id/milestones/:milestone_id put ":id/milestones/:milestone_id" do authorize! :admin_milestone, user_project @milestone = user_project.milestones.find(params[:milestone_id]) - attrs = attributes_for_keys [:title, :description, :due_date, :closed] + attrs = attributes_for_keys [:title, :description, :due_date, :state_event] if @milestone.update_attributes attrs present @milestone, with: Entities::Milestone else -- cgit v1.2.1 From 1644117a1ac45bd7d250e7bced929a00a3befe5e Mon Sep 17 00:00:00 2001 
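Review bot: Passing the client-supplied `state_event` through `attributes_for_keys` into the model update lets an API caller fire any event the state machine defines, not only the `close|reopen|merge` listed in the comment. If the merge request state machine has events that should only follow a real git operation, a caller with `modify_merge_request` could set that state without the operation happening. Restrict the value before the update, e.g. `attrs.delete(:state_event) unless %w(close reopen).include?(attrs[:state_event])`, adjusting the list and key type to what `attributes_for_keys` returns and what the API should allow. The same pass-through is added in lib/api/milestones.rb and lib/api/issues.rb in the following commits. The route body continues outside the hunk.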
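Review bot: The parameter comment in lib/api/milestones.rb documents `state (optional)` while the code reads `:state_event`, so a client following the comment sends a key that is silently ignored. The comment line should read `# state_event (optional) - The state event of the milestone (close|activate)`. lib/api/issues.rb has the same mismatch in the next commit, where `state (optional)` is documented against `:state_event`.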
From: Andrew8xx8 Date: Mon, 18 Feb 2013 13:10:58 +0400 Subject: Issue uses StateMachine now --- lib/api/entities.rb | 7 +++---- lib/api/issues.rb | 4 ++-- 2 files changed, 5 insertions(+), 6 deletions(-) (limited to 'lib') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index 8d965b6066e..b5dd033bc5d 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -35,12 +35,11 @@ module Gitlab class Group < Grape::Entity expose :id, :name, :path, :owner_id end - + class GroupDetail < Group expose :projects, using: Entities::Project end - class RepoObject < Grape::Entity expose :name, :commit expose :protected do |repo, options| @@ -63,7 +62,7 @@ module Gitlab class Milestone < Grape::Entity expose :id expose (:project_id) {|milestone| milestone.project.id} - expose :title, :description, :due_date, :closed, :updated_at, :created_at + expose :title, :description, :due_date, :state, :updated_at, :created_at end class Issue < Grape::Entity @@ -73,7 +72,7 @@ module Gitlab expose :label_list, as: :labels expose :milestone, using: Entities::Milestone expose :assignee, :author, using: Entities::UserBasic - expose :closed, :updated_at, :created_at + expose :state, :updated_at, :created_at end class SSHKey < Grape::Entity diff --git a/lib/api/issues.rb b/lib/api/issues.rb index 4d832fbe593..70bbf47e72c 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb 
@@ -69,14 +69,14 @@ module Gitlab # assignee_id (optional) - The ID of a user to assign issue # milestone_id (optional) - The ID of a milestone to assign issue # labels (optional) - The labels of an issue - # closed (optional) - The state of an issue (0 = false, 1 = true) + # state (optional) - The state of an issue (close|reopen) # Example Request: # PUT /projects/:id/issues/:issue_id put ":id/issues/:issue_id" do @issue = user_project.issues.find(params[:issue_id]) authorize! :modify_issue, @issue - attrs = attributes_for_keys [:title, :description, :assignee_id, :milestone_id, :closed] + attrs = attributes_for_keys [:title, :description, :assignee_id, :milestone_id, :state_event] attrs[:label_list] = params[:labels] if params[:labels].present? IssueObserver.current_user = current_user if @issue.update_attributes attrs -- cgit v1.2.1 From 67465dc5ef885fef236b6a4e2de5e008e8e149b1 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Tue, 19 Feb 2013 11:45:49 +0200 Subject: Fix private flag for project --- lib/api/entities.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/api/entities.rb b/lib/api/entities.rb index b5dd033bc5d..1cae1d337fe 100644 --- a/lib/api/entities.rb +++ b/lib/api/entities.rb @@ -20,7 +20,7 @@ module Gitlab class Project < Grape::Entity expose :id, :name, :description, :default_branch expose :owner, using: Entities::UserBasic - expose :public, as: :private + expose :public expose :path, :path_with_namespace expose :issues_enabled, :merge_requests_enabled, :wall_enabled, :wiki_enabled, :created_at expose :namespace -- cgit v1.2.1