Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Comparing changes

Choose two branches to see what's changed or to start a new pull request. If you need to, you can also compare across forks.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also compare across forks.
base fork: gitlabhq/gitlabhq
...
head fork: gitlabhq/gitlabhq
  • 5 commits
  • 13 files changed
  • 0 commit comments
  • 3 contributors
View
24 app/assets/stylesheets/sections/tree.scss
@@ -52,14 +52,26 @@
}
}
- .tree-commit-link {
- color:#333;
+ .tree_author {
+ padding-right: 8px;
+
+ img.avatar {
+ border: 0 none;
+ float: none;
+ margin-right: 0;
+ padding: 0;
+ width: 16px;
+ }
}
- a.tree-commit-link {
- color: #666;
- &:hover {
- text-decoration: underline;
+ .tree_commit {
+ color: gray;
+
+ .tree-commit-link {
+ color: #444;
+ &:hover {
+ text-decoration: underline;
+ }
}
}
}
View
8 app/controllers/tree_controller.rb
@@ -48,5 +48,13 @@ def edit_requirements
unless @tree.is_blob? && @tree.text?
redirect_to project_tree_path(@project, @id), notice: "You can only edit text files"
end
+
+ allowed = if project.protected_branch? @ref
+ can?(current_user, :push_code_to_protected_branches, project)
+ else
+ can?(current_user, :push_code, project)
+ end
+
+ return access_denied! unless allowed
end
end
View
22 app/decorators/commit_decorator.rb
@@ -42,6 +42,28 @@ def description
end
end
+ # Returns a link to the commit author. If the author has a matching user and
+ # is a member of the current @project it will link to the team member page.
+ # Otherwise it will link to the author email as specified in the commit.
+ #
+ # options:
+ # avatar: true will prepend avatar image
+ def author_link(options)
+ text = if options[:avatar]
+ avatar = h.image_tag h.gravatar_icon(author_email), class: "avatar", width: 16
+ "#{avatar} #{author_name}"
+ else
+ author_name
+ end
+ team_member = @project.try(:team_member_by_name_or_email, author_name, author_email)
+
+ if team_member.nil?
+ h.mail_to author_email, text.html_safe, class: "commit-author-link"
+ else
+ h.link_to text, h.project_team_member_path(@project, team_member), class: "commit-author-link"
+ end
+ end
+
protected
def no_commit_message
View
8 app/helpers/tree_helper.rb
@@ -59,4 +59,12 @@ def plain_text_readme? filename
def tree_join(*args)
File.join(*args)
end
+
+ def allowed_tree_edit?
+ if @project.protected_branch? @ref
+ can?(current_user, :push_code_to_protected_branches, @project)
+ else
+ can?(current_user, :push_code, @project)
+ end
+ end
end
View
7 app/models/ability.rb
@@ -35,10 +35,15 @@ def project_abilities(user, project)
] if project.report_access_for?(user)
rules << [
- :write_wiki
+ :write_wiki,
+ :push_code
] if project.dev_access_for?(user)
rules << [
+ :push_code_to_protected_branches
+ ] if project.master_access_for?(user)
+
+ rules << [
:modify_issue,
:modify_snippet,
:modify_merge_request,
View
2  app/roles/authority.rb
@@ -53,6 +53,6 @@ def dev_access_for?(user)
end
def master_access_for?(user)
- !users_projects.where(user_id: user.id, project_access: [UsersProject::MASTER]).empty? || owner_id == user.id
+ !users_projects.where(user_id: user.id, project_access: [UsersProject::MASTER]).empty?
end
end
View
5 app/roles/repository.rb
@@ -181,4 +181,9 @@ def ssh_url_to_repo
def http_url_to_repo
http_url = [Gitlab.config.url, "/", path, ".git"].join('')
end
+
+ # Check if current branch name is marked as protected in the system
+ def protected_branch? branch_name
+ protected_branches.map(&:name).include?(branch_name)
+ end
end
View
6 app/roles/team.rb
@@ -1,7 +1,7 @@
module Team
- def team_member_by_name_or_email(email = nil, name = nil)
- user = users.where("email like ? or name like ?", email, name).first
- users_projects.find_by_user_id(user.id) if user
+ def team_member_by_name_or_email(name = nil, email = nil)
+ user = users.where("name like ? or email like ?", name, email).first
+ users_projects.where(user: user) if user
end
# Get Team Member record by user id
View
7 app/views/refs/logs_tree.js.haml
@@ -1,9 +1,8 @@
- @logs.each do |content_data|
- file_name = content_data[:file_name]
- - content_commit = content_data[:commit]
- - tm = @project.team_member_by_name_or_email(content_commit.author_email, content_commit.author_name)
+ - commit = content_data[:commit]
:plain
var row = $("table.table_#{@hex_path} tr.file_#{hexdigest(file_name)}");
- row.find("td.tree_time_ago").html('#{escape_javascript(time_ago_in_words(content_commit.committed_date))} ago');
- row.find("td.tree_commit").html('#{escape_javascript(render("tree/tree_commit", tm: tm, content_commit: content_commit))}');
+ row.find("td.tree_time_ago").html('#{escape_javascript time_ago_in_words(commit.committed_date)} ago');
+ row.find("td.tree_commit").html('#{escape_javascript render("tree/tree_commit_column", commit: commit)}');
View
2  app/views/tree/_blob_actions.html.haml
@@ -1,7 +1,7 @@
.btn-group.tree-btn-group
-# only show edit link for text files
- if @tree.text?
- = link_to "edit", edit_project_tree_path(@project, @id), class: "btn very_small"
+ = link_to "edit", edit_project_tree_path(@project, @id), class: "btn very_small", disabled: !allowed_tree_edit?
= link_to "raw", project_blob_path(@project, @id), class: "btn very_small", target: "_blank"
-# only show normal/blame view links for text files
- if @tree.text?
View
3  app/views/tree/_tree_commit.html.haml
@@ -1,3 +0,0 @@
-- if tm
- = link_to "[#{tm.user_name}]", project_team_member_path(@project, tm)
-= link_to_gfm truncate(content_commit.title, length: tm ? 30 : 50), project_commit_path(@project, content_commit.id), class: "tree-commit-link"
View
2  app/views/tree/_tree_commit_column.html.haml
@@ -0,0 +1,2 @@
+%span.tree_author= commit.author_link avatar: true
+= link_to_gfm truncate(commit.title, length: 80), project_commit_path(@project, commit.id), class: "tree-commit-link"
View
42 lib/gitlab/backend/grack_auth.rb
@@ -1,10 +1,11 @@
module Grack
class Auth < Rack::Auth::Basic
+ attr_accessor :user, :project
def valid?
# Authentication with username and password
email, password = @auth.credentials
- user = User.find_by_email(email)
+ self.user = User.find_by_email(email)
return false unless user.try(:valid_password?, password)
# Set GL_USER env variable
@@ -18,28 +19,39 @@ def valid?
# Find project by PATH_INFO from env
if m = /^\/([\w-]+).git/.match(@request.path_info).to_a
- return false unless project = Project.find_by_path(m.last)
+ self.project = Project.find_by_path(m.last)
+ return false unless project
end
# Git upload and receive
if @request.get?
- true
+ validate_get_request
elsif @request.post?
- if @request.path_info.end_with?('git-upload-pack')
- return project.dev_access_for?(user)
- elsif @request.path_info.end_with?('git-receive-pack')
- if project.protected_branches.map(&:name).include?(current_ref)
- project.master_access_for?(user)
- else
- project.dev_access_for?(user)
- end
- else
- false
- end
+ validate_post_request
else
false
end
- end# valid?
+ end
+
+ def validate_get_request
+ true
+ end
+
+ def validate_post_request
+ if @request.path_info.end_with?('git-upload-pack')
+ can?(user, :push_code, project)
+ elsif @request.path_info.end_with?('git-receive-pack')
+ action = if project.protected_branch?(current_ref)
+ :push_code_to_protected_branches
+ else
+ :push_code
+ end
+
+ can?(user, action, project)
+ else
+ false
+ end
+ end
def current_ref
if @env["HTTP_CONTENT_ENCODING"] =~ /gzip/

No commit comments for this range

Something went wrong with that request. Please try again.