Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
359f04e8
Commit
359f04e8
authored
Mar 07, 2017
by
Douwe Maan
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fix go-get support for projects in nested groups
parent
7f2819b7
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
143 additions
and
18 deletions
+143
-18
lib/gitlab/middleware/go.rb
lib/gitlab/middleware/go.rb
+57
-9
spec/lib/gitlab/middleware/go_spec.rb
spec/lib/gitlab/middleware/go_spec.rb
+86
-9
No files found.
lib/gitlab/middleware/go.rb
View file @
359f04e8
...
@@ -30,21 +30,69 @@ module Gitlab
...
@@ -30,21 +30,69 @@ module Gitlab
end
end
def
go_body
(
request
)
def
go_body
(
request
)
base_url
=
Gitlab
.
config
.
gitlab
.
url
project_url
=
URI
.
join
(
Gitlab
.
config
.
gitlab
.
url
,
project_path
(
request
))
# Go subpackages may be in the form of namespace/project/path1/path2/../pathN
import_prefix
=
strip_url
(
project_url
.
to_s
)
# We can just ignore the paths and leave the namespace/project
path_info
=
request
.
env
[
"PATH_INFO"
]
path_info
.
sub!
(
/^\//
,
''
)
project_path
=
path_info
.
split
(
'/'
).
first
(
2
).
join
(
'/'
)
request_url
=
URI
.
join
(
base_url
,
project_path
)
domain_path
=
strip_url
(
request_url
.
to_s
)
"<!DOCTYPE html><html><head><meta content='
#{
domain_path
}
git
#{
reques
t_url
}
.git' name='go-import'></head></html>
\n
"
"<!DOCTYPE html><html><head><meta content='
#{
import_prefix
}
git
#{
projec
t_url
}
.git' name='go-import'></head></html>
\n
"
end
end
def
strip_url
(
url
)
def
strip_url
(
url
)
url
.
gsub
(
/\Ahttps?:\/\//
,
''
)
url
.
gsub
(
/\Ahttps?:\/\//
,
''
)
end
end
def
project_path
(
request
)
path_info
=
request
.
env
[
"PATH_INFO"
]
path_info
.
sub!
(
/^\//
,
''
)
# Go subpackages may be in the form of `namespace/project/path1/path2/../pathN`.
# In a traditional project with a single namespace, this would denote repo
# `namespace/project` with subpath `path1/path2/../pathN`, but with nested
# groups, this could also be `namespace/project/path1` with subpath
# `path2/../pathN`, for example.
# We find all potential project paths out of the path segments
path_segments
=
path_info
.
split
(
'/'
)
simple_project_path
=
path_segments
.
first
(
2
).
join
(
'/'
)
# If the path is at most 2 segments long, it is a simple `namespace/project` path and we're done
return
simple_project_path
if
path_segments
.
length
<=
2
project_paths
=
[]
begin
project_paths
<<
path_segments
.
join
(
'/'
)
path_segments
.
pop
end
while
path_segments
.
length
>=
2
# We see if a project exists with any of these potential paths
project
=
project_for_paths
(
project_paths
,
request
)
if
project
# If a project is found and the user has access, we return the full project path
project
.
full_path
else
# If not, we return the first two components as if it were a simple `namespace/project` path,
# so that we don't reveal the existence of a nested project the user doesn't have access to.
# This means that for an unauthenticated request to `group/subgroup/project/subpackage`
# for a private `group/subgroup/project` with subpackage path `subpackage`, GitLab will respond
# as if the user is looking for project `group/subgroup`, with subpackage path `project/subpackage`.
# Since `go get` doesn't authenticate by default, this means that
# `go get gitlab.com/group/subgroup/project/subpackage` will not work for private projects.
# `go get gitlab.com/group/subgroup/project.git/subpackage` will work, since Go is smart enough
# to figure that out. `import 'gitlab.com/...'` behaves the same as `go get`.
simple_project_path
end
end
def
project_for_paths
(
paths
,
request
)
project
=
Project
.
where_full_path_in
(
paths
).
first
return
unless
Ability
.
allowed?
(
current_user
(
request
),
:read_project
,
project
)
project
end
def
current_user
(
request
)
request
.
env
[
'warden'
]
&
.
authenticate
end
end
end
end
end
end
end
spec/lib/gitlab/middleware/go_spec.rb
View file @
359f04e8
...
@@ -15,16 +15,93 @@ describe Gitlab::Middleware::Go, lib: true do
...
@@ -15,16 +15,93 @@ describe Gitlab::Middleware::Go, lib: true do
end
end
describe
'when go-get=1'
do
describe
'when go-get=1'
do
it
'returns a document'
do
let
(
:current_user
)
{
nil
}
env
=
{
'rack.input'
=>
''
,
'QUERY_STRING'
=>
'go-get=1'
,
context
'with simple 2-segment project path'
do
'PATH_INFO'
=>
'/group/project/path'
}
let!
(
:project
)
{
create
(
:project
,
:private
)
}
resp
=
middleware
.
call
(
env
)
expect
(
resp
[
0
]).
to
eq
(
200
)
context
'with subpackages'
do
expect
(
resp
[
1
][
'Content-Type'
]).
to
eq
(
'text/html'
)
let
(
:path
)
{
"
#{
project
.
full_path
}
/subpackage"
}
expected_body
=
"<!DOCTYPE html><html><head><meta content='
#{
Gitlab
.
config
.
gitlab
.
host
}
/group/project git http://
#{
Gitlab
.
config
.
gitlab
.
host
}
/group/project.git' name='go-import'></head></html>
\n
"
expect
(
resp
[
2
].
body
).
to
eq
([
expected_body
])
it
'returns the full project path'
do
expect_response_with_path
(
go
,
project
.
full_path
)
end
end
context
'without subpackages'
do
let
(
:path
)
{
project
.
full_path
}
it
'returns the full project path'
do
expect_response_with_path
(
go
,
project
.
full_path
)
end
end
end
context
'with a nested project path'
do
let
(
:group
)
{
create
(
:group
,
:nested
)
}
let!
(
:project
)
{
create
(
:project
,
:public
,
namespace:
group
)
}
shared_examples
'a nested project'
do
context
'when the project is public'
do
it
'returns the full project path'
do
expect_response_with_path
(
go
,
project
.
full_path
)
end
end
context
'when the project is private'
do
before
do
project
.
update_attribute
(
:visibility_level
,
Project
::
PRIVATE
)
end
context
'with access to the project'
do
let
(
:current_user
)
{
project
.
creator
}
before
do
project
.
team
.
add_master
(
current_user
)
end
it
'returns the full project path'
do
expect_response_with_path
(
go
,
project
.
full_path
)
end
end
context
'without access to the project'
do
it
'returns the 2-segment group path'
do
expect_response_with_path
(
go
,
group
.
full_path
)
end
end
end
end
context
'with subpackages'
do
let
(
:path
)
{
"
#{
project
.
full_path
}
/subpackage"
}
it_behaves_like
'a nested project'
end
context
'without subpackages'
do
let
(
:path
)
{
project
.
full_path
}
it_behaves_like
'a nested project'
end
end
end
end
end
def
go
env
=
{
'rack.input'
=>
''
,
'QUERY_STRING'
=>
'go-get=1'
,
'PATH_INFO'
=>
"/
#{
path
}
"
,
'warden'
=>
double
(
authenticate:
current_user
)
}
middleware
.
call
(
env
)
end
def
expect_response_with_path
(
response
,
path
)
expect
(
response
[
0
]).
to
eq
(
200
)
expect
(
response
[
1
][
'Content-Type'
]).
to
eq
(
'text/html'
)
expected_body
=
"<!DOCTYPE html><html><head><meta content='
#{
Gitlab
.
config
.
gitlab
.
host
}
/
#{
path
}
git http://
#{
Gitlab
.
config
.
gitlab
.
host
}
/
#{
path
}
.git' name='go-import'></head></html>
\n
"
expect
(
response
[
2
].
body
).
to
eq
([
expected_body
])
end
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment