2013-02-28 17:02:14 +00:00
|
|
|
class Users::UsersController < Users::BaseController
|
2015-03-04 23:19:19 +00:00
|
|
|
skip_before_action :authenticate_user!, only: [:allowed, :check, :discover]
|
2015-04-18 22:02:16 +01:00
|
|
|
skip_after_action :verify_authorized
|
2015-03-04 23:19:19 +00:00
|
|
|
before_action :find_user_by_key, only: [:allowed, :discover]
|
2013-02-28 17:02:14 +00:00
|
|
|
|
|
|
|
|
def allowed
|
2014-03-13 16:35:00 +00:00
|
|
|
project = Project.find_by_owner_and_name! params[:project]
|
2015-03-14 22:10:04 +00:00
|
|
|
pp = ProjectPolicy.new(@user, project)
|
|
|
|
|
can = case params[:action_type]
|
|
|
|
|
when 'git-upload-pack'
|
|
|
|
|
pp.read?
|
|
|
|
|
when 'git-receive-pack'
|
|
|
|
|
pp.write?
|
|
|
|
|
end
|
|
|
|
|
render inline: (!@user.access_locked? && can).to_s
|
2013-03-07 08:06:34 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def check
|
2014-01-21 04:51:49 +00:00
|
|
|
render nothing: true
|
2013-03-07 08:06:34 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def discover
|
2014-01-21 04:51:49 +00:00
|
|
|
render json: {name: @user.name}.to_json
|
2013-03-07 08:06:34 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
|
|
protected
|
|
|
|
|
|
|
|
|
|
def find_user_by_key
|
|
|
|
|
key = SshKey.find(params[:key_id])
|
|
|
|
|
@user = key.user
|
2013-02-28 17:02:14 +00:00
|
|
|
end
|
|
|
|
|
end
|
