Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
8cdd54cc
Commit
8cdd54cc
authored
Dec 10, 2015
by
Kamil Trzcinski
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add runners token
parent
e80e3f53
Changes
12
Hide whitespace changes
Inline
Side-by-side
Showing
12 changed files
with
23 additions
and
29 deletions
+23
-29
app/controllers/ci/application_controller.rb
app/controllers/ci/application_controller.rb
+0
-6
app/controllers/ci/projects_controller.rb
app/controllers/ci/projects_controller.rb
+1
-2
app/models/ci/build.rb
app/models/ci/build.rb
+1
-1
app/models/project.rb
app/models/project.rb
+9
-7
db/migrate/20151203162135_add_ci_to_project.rb
db/migrate/20151203162135_add_ci_to_project.rb
+2
-1
db/migrate/20151204110613_migrate_ci_to_project.rb
db/migrate/20151204110613_migrate_ci_to_project.rb
+4
-3
db/migrate/20151204110832_add_index_to_ci_tables.rb
db/migrate/20151204110832_add_index_to_ci_tables.rb
+2
-1
lib/ci/api/helpers.rb
lib/ci/api/helpers.rb
+0
-4
lib/ci/api/runners.rb
lib/ci/api/runners.rb
+1
-1
lib/ci/api/triggers.rb
lib/ci/api/triggers.rb
+1
-1
lib/gitlab/backend/grack_auth.rb
lib/gitlab/backend/grack_auth.rb
+1
-1
spec/models/project_spec.rb
spec/models/project_spec.rb
+1
-1
No files found.
app/controllers/ci/application_controller.rb
View file @
8cdd54cc
...
@@ -6,12 +6,6 @@ module Ci
...
@@ -6,12 +6,6 @@ module Ci
private
private
def
authenticate_token!
unless
project
.
valid_token?
(
params
[
:token
])
return
head
(
403
)
end
end
def
authorize_access_project!
def
authorize_access_project!
unless
can?
(
current_user
,
:read_project
,
project
)
unless
can?
(
current_user
,
:read_project
,
project
)
return
page_404
return
page_404
...
...
app/controllers/ci/projects_controller.rb
View file @
8cdd54cc
...
@@ -22,8 +22,7 @@ module Ci
...
@@ -22,8 +22,7 @@ module Ci
protected
protected
def
project
def
project
# TODO: what to do here?
@project
||=
Project
.
find_by
(
ci_id:
params
[
:id
].
to_i
)
@project
||=
Project
.
find_by_ci_id
(
params
[
:id
])
end
end
def
no_cache
def
no_cache
...
...
app/models/ci/build.rb
View file @
8cdd54cc
...
@@ -225,7 +225,7 @@ module Ci
...
@@ -225,7 +225,7 @@ module Ci
end
end
def
valid_token?
token
def
valid_token?
token
project
.
valid_token?
token
project
.
valid_
runners_
token?
token
end
end
def
target_url
def
target_url
...
...
app/models/project.rb
View file @
8cdd54cc
...
@@ -169,9 +169,9 @@ class Project < ActiveRecord::Base
...
@@ -169,9 +169,9 @@ class Project < ActiveRecord::Base
if:
->
(
project
)
{
project
.
avatar
.
present?
&&
project
.
avatar_changed?
}
if:
->
(
project
)
{
project
.
avatar
.
present?
&&
project
.
avatar_changed?
}
validates
:avatar
,
file_size:
{
maximum:
200
.
kilobytes
.
to_i
}
validates
:avatar
,
file_size:
{
maximum:
200
.
kilobytes
.
to_i
}
before_validation
:set_r
andom
_token
before_validation
:set_r
unners_token
_token
def
set_r
andom
_token
def
set_r
unners_token
_token
self
.
token
=
SecureRandom
.
hex
(
15
)
if
self
.
token
.
blank?
self
.
runners_token
=
SecureRandom
.
hex
(
15
)
if
self
.
runners_
token
.
blank?
end
end
mount_uploader
:avatar
,
AvatarUploader
mount_uploader
:avatar
,
AvatarUploader
...
@@ -270,9 +270,7 @@ class Project < ActiveRecord::Base
...
@@ -270,9 +270,7 @@ class Project < ActiveRecord::Base
end
end
def
find_by_ci_id
(
id
)
def
find_by_ci_id
(
id
)
ci_projects
=
Arel
::
Table
.
new
(
:ci_projects
)
find_by
(
ci_id:
id
.
to_i
)
gitlab_id
=
ci_projects
.
where
(
ci_projects
[
:id
].
eq
(
id
)).
project
(
ci_projects
[
:gitlab_id
])
find_by
(
"id=(
#{
gitlab_id
.
to_sql
}
)"
)
end
end
def
visibility_levels
def
visibility_levels
...
@@ -831,7 +829,11 @@ class Project < ActiveRecord::Base
...
@@ -831,7 +829,11 @@ class Project < ActiveRecord::Base
shared_runners_enabled?
&&
Ci
::
Runner
.
shared
.
active
.
any?
(
&
block
)
shared_runners_enabled?
&&
Ci
::
Runner
.
shared
.
active
.
any?
(
&
block
)
end
end
def
valid_token?
token
def
valid_runners_token?
token
self
.
token
&&
self
.
token
==
token
end
def
valid_build_token?
token
self
.
token
&&
self
.
token
==
token
self
.
token
&&
self
.
token
==
token
end
end
...
...
db/migrate/20151203162135_add_ci_to_project.rb
View file @
8cdd54cc
class
AddCiToProject
<
ActiveRecord
::
Migration
class
AddCiToProject
<
ActiveRecord
::
Migration
def
up
def
up
add_column
:projects
,
:ci_id
,
:integer
add_column
:projects
,
:builds_enabled
,
:boolean
,
default:
true
,
null:
false
add_column
:projects
,
:builds_enabled
,
:boolean
,
default:
true
,
null:
false
add_column
:projects
,
:shared_runners_enabled
,
:boolean
,
default:
true
,
null:
false
add_column
:projects
,
:shared_runners_enabled
,
:boolean
,
default:
true
,
null:
false
add_column
:projects
,
:token
,
:string
add_column
:projects
,
:
runners_
token
,
:string
add_column
:projects
,
:build_coverage_regex
,
:string
add_column
:projects
,
:build_coverage_regex
,
:string
add_column
:projects
,
:build_allow_git_fetch
,
:boolean
,
default:
true
,
null:
false
add_column
:projects
,
:build_allow_git_fetch
,
:boolean
,
default:
true
,
null:
false
add_column
:projects
,
:build_timeout
,
:integer
,
default:
3600
,
null:
false
add_column
:projects
,
:build_timeout
,
:integer
,
default:
3600
,
null:
false
...
...
db/migrate/20151204110613_migrate_ci_to_project.rb
View file @
8cdd54cc
...
@@ -5,8 +5,9 @@ class MigrateCiToProject < ActiveRecord::Migration
...
@@ -5,8 +5,9 @@ class MigrateCiToProject < ActiveRecord::Migration
migrate_project_id_for_table
(
'ci_variables'
)
migrate_project_id_for_table
(
'ci_variables'
)
migrate_project_id_for_builds
migrate_project_id_for_builds
migrate_project_column
(
'shared_runners_enabled'
)
migrate_project_column
(
'id'
,
'ci_id'
)
migrate_project_column
(
'token'
)
migrate_project_column
(
'shared_runners_enabled'
,
'shared_runners_enabled'
)
migrate_project_column
(
'token'
,
'runners_token'
)
migrate_project_column
(
'coverage_regex'
,
'build_coverage_regex'
)
migrate_project_column
(
'coverage_regex'
,
'build_coverage_regex'
)
migrate_project_column
(
'allow_git_fetch'
,
'build_allow_git_fetch'
)
migrate_project_column
(
'allow_git_fetch'
,
'build_allow_git_fetch'
)
migrate_project_column
(
'timeout'
,
'build_timeout'
)
migrate_project_column
(
'timeout'
,
'build_timeout'
)
...
@@ -25,7 +26,7 @@ class MigrateCiToProject < ActiveRecord::Migration
...
@@ -25,7 +26,7 @@ class MigrateCiToProject < ActiveRecord::Migration
def
migrate_project_column
(
column
,
new_column
=
nil
)
def
migrate_project_column
(
column
,
new_column
=
nil
)
new_column
||=
column
new_column
||=
column
subquery
=
"SELECT
#{
column
}
FROM ci_projects WHERE projects.id = ci_projects.gitlab_id"
subquery
=
"SELECT
ci_projects.
#{
column
}
FROM ci_projects WHERE projects.id = ci_projects.gitlab_id"
execute
(
"UPDATE projects SET
#{
new_column
}
=(
#{
subquery
}
) WHERE
#{
new_column
}
IS NULL AND (
#{
subquery
}
) IS NOT NULL"
)
execute
(
"UPDATE projects SET
#{
new_column
}
=(
#{
subquery
}
) WHERE
#{
new_column
}
IS NULL AND (
#{
subquery
}
) IS NOT NULL"
)
end
end
...
...
db/migrate/20151204110832_add_index_to_ci_tables.rb
View file @
8cdd54cc
...
@@ -4,8 +4,9 @@ class AddIndexToCiTables < ActiveRecord::Migration
...
@@ -4,8 +4,9 @@ class AddIndexToCiTables < ActiveRecord::Migration
add_index
:ci_runner_projects
,
:gl_project_id
add_index
:ci_runner_projects
,
:gl_project_id
add_index
:ci_triggers
,
:gl_project_id
add_index
:ci_triggers
,
:gl_project_id
add_index
:ci_variables
,
:gl_project_id
add_index
:ci_variables
,
:gl_project_id
add_index
:projects
,
:token
add_index
:projects
,
:
runners_
token
add_index
:projects
,
:builds_enabled
add_index
:projects
,
:builds_enabled
add_index
:projects
,
[
:builds_enabled
,
:shared_runners_enabled
]
add_index
:projects
,
[
:builds_enabled
,
:shared_runners_enabled
]
add_index
:projects
,
[
:ci_id
]
end
end
end
end
lib/ci/api/helpers.rb
View file @
8cdd54cc
...
@@ -13,10 +13,6 @@ module Ci
...
@@ -13,10 +13,6 @@ module Ci
forbidden!
unless
current_runner
forbidden!
unless
current_runner
end
end
def
authenticate_project_token!
(
project
)
forbidden!
unless
project
.
valid_token?
(
params
[
:project_token
])
end
def
authenticate_build_token!
(
build
)
def
authenticate_build_token!
(
build
)
token
=
(
params
[
BUILD_TOKEN_PARAM
]
||
env
[
BUILD_TOKEN_HEADER
]).
to_s
token
=
(
params
[
BUILD_TOKEN_PARAM
]
||
env
[
BUILD_TOKEN_HEADER
]).
to_s
forbidden!
unless
token
&&
build
.
valid_token?
(
token
)
forbidden!
unless
token
&&
build
.
valid_token?
(
token
)
...
...
lib/ci/api/runners.rb
View file @
8cdd54cc
...
@@ -36,7 +36,7 @@ module Ci
...
@@ -36,7 +36,7 @@ module Ci
tag_list:
params
[
:tag_list
],
tag_list:
params
[
:tag_list
],
is_shared:
true
is_shared:
true
)
)
elsif
project
=
Project
.
find_by
(
token:
params
[
:token
])
elsif
project
=
Project
.
find_by
(
runners_
token:
params
[
:token
])
# Create a specific runner for project.
# Create a specific runner for project.
project
.
ci_runners
.
create
(
project
.
ci_runners
.
create
(
description:
params
[
:description
],
description:
params
[
:description
],
...
...
lib/ci/api/triggers.rb
View file @
8cdd54cc
...
@@ -14,7 +14,7 @@ module Ci
...
@@ -14,7 +14,7 @@ module Ci
post
":id/refs/:ref/trigger"
do
post
":id/refs/:ref/trigger"
do
required_attributes!
[
:token
]
required_attributes!
[
:token
]
project
=
Project
.
find_by
_ci_id
(
params
[
:id
]
)
project
=
Project
.
find_by
(
ci_id:
params
[
:id
].
to_i
)
trigger
=
Ci
::
Trigger
.
find_by_token
(
params
[
:token
].
to_s
)
trigger
=
Ci
::
Trigger
.
find_by_token
(
params
[
:token
].
to_s
)
not_found!
unless
project
&&
trigger
not_found!
unless
project
&&
trigger
unauthorized!
unless
trigger
.
project
==
project
unauthorized!
unless
trigger
.
project
==
project
...
...
lib/gitlab/backend/grack_auth.rb
View file @
8cdd54cc
...
@@ -78,7 +78,7 @@ module Grack
...
@@ -78,7 +78,7 @@ module Grack
underscored_service
=
matched_login
[
's'
].
underscore
underscored_service
=
matched_login
[
's'
].
underscore
if
underscored_service
==
'gitlab_ci'
if
underscored_service
==
'gitlab_ci'
return
project
&&
project
.
builds_enabled?
&&
project
.
valid_token?
(
password
)
return
project
&&
project
.
builds_enabled?
&&
project
.
valid_
build_
token?
(
password
)
elsif
Service
.
available_services_names
.
include?
(
underscored_service
)
elsif
Service
.
available_services_names
.
include?
(
underscored_service
)
service_method
=
"
#{
underscored_service
}
_service"
service_method
=
"
#{
underscored_service
}
_service"
service
=
project
.
send
(
service_method
)
service
=
project
.
send
(
service_method
)
...
...
spec/models/project_spec.rb
View file @
8cdd54cc
...
@@ -55,7 +55,7 @@ describe Project, models: true do
...
@@ -55,7 +55,7 @@ describe Project, models: true do
it
{
is_expected
.
to
have_one
(
:pushover_service
).
dependent
(
:destroy
)
}
it
{
is_expected
.
to
have_one
(
:pushover_service
).
dependent
(
:destroy
)
}
it
{
is_expected
.
to
have_one
(
:asana_service
).
dependent
(
:destroy
)
}
it
{
is_expected
.
to
have_one
(
:asana_service
).
dependent
(
:destroy
)
}
it
{
is_expected
.
to
have_many
(
:ci_commits
)
}
it
{
is_expected
.
to
have_many
(
:ci_commits
)
}
it
{
is_expected
.
to
have_many
(
:c
i
_statuses
)
}
it
{
is_expected
.
to
have_many
(
:c
ommit
_statuses
)
}
it
{
is_expected
.
to
have_many
(
:ci_builds
)
}
it
{
is_expected
.
to
have_many
(
:ci_builds
)
}
it
{
is_expected
.
to
have_many
(
:ci_runner_projects
)
}
it
{
is_expected
.
to
have_many
(
:ci_runner_projects
)
}
it
{
is_expected
.
to
have_many
(
:ci_runners
)
}
it
{
is_expected
.
to
have_many
(
:ci_runners
)
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment