Merge pull request #783 from warpc/782-url_to_closed_project

[refs #782] support user hash token auth in git; add base auth to git url sending to build system
2012-12-14 10:09:47 -08:00 · 2012-12-14 10:09:47 -08:00 · fc4bd690a8
parent 2c22a5c055 2f1a21cbdf
commit fc4bd690a8
5 changed files with 13 additions and 7 deletions
--- a/app/models/build_list.rb
+++ b/app/models/build_list.rb
@ -322,7 +322,7 @@ class BuildList < ActiveRecord::Base
        id,
        include_repos,
        priority,
-        project.git_project_address
+        project.git_project_address(user)
      )
    end
    @status
@ -443,7 +443,7 @@ class BuildList < ActiveRecord::Base
      :time_living => 43200, # 12 hours
      :distrib_type => build_for_platform.distrib_type,
      # :git_project_address => 'https://abf.rosalinux.ru/server/gnome-settings-daemon.git',
-      :git_project_address => project.git_project_address,
+      :git_project_address => project.git_project_address(user),
      # :commit_hash => 'fbb2549e44d97226fea6748a4f95d1d82ffb8726',
      :commit_hash => commit_hash,
      :build_requires => build_requires,
--- a/app/models/project.rb
+++ b/app/models/project.rb
@ -117,10 +117,11 @@ class Project < ActiveRecord::Base
    owner == user
  end

-  def git_project_address
+  def git_project_address auth_user
    host ||= EventLog.current_controller.request.host_with_port rescue ::Rosa::Application.config.action_mailer.default_url_options[:host]
    protocol = APP_CONFIG['mailer_https_url'] ? "https" : "http" rescue "http"
-    Rails.application.routes.url_helpers.project_url(self.owner.uname, self.name, :host => host, :protocol => protocol) + ".git"
+    opts = {:host => host, :protocol => protocol, :user => auth_user.authentication_token, :password => ''}
+    Rails.application.routes.url_helpers.project_url(self.owner.uname, self.name, opts) + ".git"
    #path #share by NFS
  end

--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -86,8 +86,13 @@ class User < Avatar
  class << self
    def find_for_database_authentication(warden_conditions)
      conditions = warden_conditions.dup
+
      login = conditions.delete(:login)
-      where(conditions).where(["lower(uname) = :value OR lower(email) = :value", { :value => login.downcase }]).first
+      pass  = conditions.delete(:pass)
+      user = User.where(conditions).where(:authentication_token => login).first ||
+             User.where(conditions).where(["lower(uname) = :value OR lower(email) = :value", { :value => login.downcase}]).first
+      return user if !user.access_locked? and (user.authentication_token == login or user.valid_password?(pass))
+      nil
    end

    def new_with_session(params, session)
--- a/config/application.rb
+++ b/config/application.rb
@ -51,7 +51,7 @@ module Rosa
    config.encoding = "utf-8"

    # Configure sensitive parameters which will be filtered from the log file.
-    config.filter_parameters += [:password, :secret]
+    config.filter_parameters += [:password, :secret, :authentication_token]

    # Enable the asset pipeline
    config.assets.enabled = true
--- a/lib/plugins/grack/auth.rb
+++ b/lib/plugins/grack/auth.rb
@ -12,7 +12,7 @@ module Grack
        return render_not_found if project.blank?

        return ::Rack::Auth::Basic.new(@app) do |u, p|
-          user = User.find_for_database_authentication(:login => u) and !user.access_locked? and user.valid_password?(p) and
+          user = User.find_for_database_authentication({:login => u, :pass => p}) and
          ability = ::Ability.new(user) and ability.can?(action, project) # project.members.include?(user)
        end.call(env) unless project.public? and read? # need auth
      end