Merge branch 'git-access-existence-check' into 'master'

Fix repo existence check in GitAccessWiki Closes #43385 and gitlab-com/infrastructure#3734 See merge request gitlab-org/gitlab-ce!17268

Merge branch 'git-access-existence-check' into 'master'
Fix repo existence check in GitAccessWiki Closes #43385 and gitlab-com/infrastructure#3734 See merge request gitlab-org/gitlab-ce!17268
86f451cc · Robert Speicher · a5b7f273 · ea18e1bf · 86f451cc · 86f451cc
Commit 86f451cc authored Feb 22, 2018 by Robert Speicher
5 changed files
--- a/lib/gitlab/git_access.rb
+++ b/lib/gitlab/git_access.rb
@@ -198,7 +198,7 @@ module Gitlab
    end

    def check_repository_existence!
-      unless project.repository.exists?
+      unless repository.exists?
        raise UnauthorizedError, ERROR_MESSAGES[:no_repo]
      end
    end
@@ -327,5 +327,9 @@ module Gitlab
    def push_to_read_only_message
      ERROR_MESSAGES[:cannot_push_to_read_only]
    end
+
+    def repository
+      project.repository
+    end
  end
 end
--- a/lib/gitlab/git_access_wiki.rb
+++ b/lib/gitlab/git_access_wiki.rb
@@ -28,5 +28,11 @@ module Gitlab
    def push_to_read_only_message
      ERROR_MESSAGES[:read_only]
    end
+
+    private
+
+    def repository
+      project.wiki.repository
+    end
  end
 end
--- a/spec/lib/gitlab/git_access_wiki_spec.rb
+++ b/spec/lib/gitlab/git_access_wiki_spec.rb
@@ -2,7 +2,7 @@ require 'spec_helper'

 describe Gitlab::GitAccessWiki do
  let(:access) { described_class.new(user, project, 'web', authentication_abilities: authentication_abilities, redirected_path: redirected_path) }
-  let(:project) { create(:project, :repository) }
+  let(:project) { create(:project, :wiki_repo) }
  let(:user) { create(:user) }
  let(:changes) { ['6f6d7e7ed 570e7b2ab refs/heads/master'] }
  let(:redirected_path) { nil }
@@ -48,6 +48,18 @@ describe Gitlab::GitAccessWiki do
      it 'give access to download wiki code' do
        expect { subject }.not_to raise_error
      end
+
+      context 'when the wiki repository does not exist' do
+        it 'returns not found' do
+          wiki_repo = project.wiki.repository
+          FileUtils.rm_rf(wiki_repo.path)
+
+          # Sanity check for rm_rf
+          expect(wiki_repo.exists?).to eq(false)
+
+          expect { subject }.to raise_error(Gitlab::GitAccess::UnauthorizedError, 'A repository for this project does not exist yet.')
+        end
+      end
    end

    context 'when wiki feature is disabled' do

--- a/spec/requests/api/internal_spec.rb
+++ b/spec/requests/api/internal_spec.rb
@@ -3,7 +3,7 @@ require 'spec_helper'
 describe API::Internal do
  let(:user) { create(:user) }
  let(:key) { create(:key, user: user) }
-  let(:project) { create(:project, :repository) }
+  let(:project) { create(:project, :repository, :wiki_repo) }
  let(:secret_token) { Gitlab::Shell.secret_token }
  let(:gl_repository) { "project-#{project.id}" }
  let(:reference_counter) { double('ReferenceCounter') }

--- a/spec/requests/git_http_spec.rb
+++ b/spec/requests/git_http_spec.rb
@@ -150,7 +150,7 @@ describe 'Git HTTP requests' do
      let(:path) { "/#{wiki.repository.full_path}.git" }

      context "when the project is public" do
-        let(:project) { create(:project, :repository, :public, :wiki_enabled) }
+        let(:project) { create(:project, :wiki_repo, :public, :wiki_enabled) }

        it_behaves_like 'pushes require Basic HTTP Authentication'

@@ -177,7 +177,7 @@ describe 'Git HTTP requests' do
            end

            context 'but the repo is disabled' do
-              let(:project) { create(:project, :repository, :public, :repository_disabled, :wiki_enabled) }
+              let(:project) { create(:project, :wiki_repo, :public, :repository_disabled, :wiki_enabled) }

              it_behaves_like 'pulls are allowed'
              it_behaves_like 'pushes are allowed'
@@ -198,7 +198,7 @@ describe 'Git HTTP requests' do
      end

      context "when the project is private" do
-        let(:project) { create(:project, :repository, :private, :wiki_enabled) }
+        let(:project) { create(:project, :wiki_repo, :private, :wiki_enabled) }

        it_behaves_like 'pulls require Basic HTTP Authentication'
        it_behaves_like 'pushes require Basic HTTP Authentication'
@@ -210,7 +210,7 @@ describe 'Git HTTP requests' do
            end

            context 'but the repo is disabled' do
-              let(:project) { create(:project, :repository, :private, :repository_disabled, :wiki_enabled) }
+              let(:project) { create(:project, :wiki_repo, :private, :repository_disabled, :wiki_enabled) }

              it 'allows clones' do
                download(path, user: user.username, password: user.password) do |response|