Merge pull request #783 from warpc/782-url_to_closed_project
[refs #782] support user hash token auth in git; add base auth to git url sending to build system
This commit is contained in:
commit
fc4bd690a8
|
@ -322,7 +322,7 @@ class BuildList < ActiveRecord::Base
|
||||||
id,
|
id,
|
||||||
include_repos,
|
include_repos,
|
||||||
priority,
|
priority,
|
||||||
project.git_project_address
|
project.git_project_address(user)
|
||||||
)
|
)
|
||||||
end
|
end
|
||||||
@status
|
@status
|
||||||
|
@ -443,7 +443,7 @@ class BuildList < ActiveRecord::Base
|
||||||
:time_living => 43200, # 12 hours
|
:time_living => 43200, # 12 hours
|
||||||
:distrib_type => build_for_platform.distrib_type,
|
:distrib_type => build_for_platform.distrib_type,
|
||||||
# :git_project_address => 'https://abf.rosalinux.ru/server/gnome-settings-daemon.git',
|
# :git_project_address => 'https://abf.rosalinux.ru/server/gnome-settings-daemon.git',
|
||||||
:git_project_address => project.git_project_address,
|
:git_project_address => project.git_project_address(user),
|
||||||
# :commit_hash => 'fbb2549e44d97226fea6748a4f95d1d82ffb8726',
|
# :commit_hash => 'fbb2549e44d97226fea6748a4f95d1d82ffb8726',
|
||||||
:commit_hash => commit_hash,
|
:commit_hash => commit_hash,
|
||||||
:build_requires => build_requires,
|
:build_requires => build_requires,
|
||||||
|
|
|
@ -117,10 +117,11 @@ class Project < ActiveRecord::Base
|
||||||
owner == user
|
owner == user
|
||||||
end
|
end
|
||||||
|
|
||||||
def git_project_address
|
def git_project_address auth_user
|
||||||
host ||= EventLog.current_controller.request.host_with_port rescue ::Rosa::Application.config.action_mailer.default_url_options[:host]
|
host ||= EventLog.current_controller.request.host_with_port rescue ::Rosa::Application.config.action_mailer.default_url_options[:host]
|
||||||
protocol = APP_CONFIG['mailer_https_url'] ? "https" : "http" rescue "http"
|
protocol = APP_CONFIG['mailer_https_url'] ? "https" : "http" rescue "http"
|
||||||
Rails.application.routes.url_helpers.project_url(self.owner.uname, self.name, :host => host, :protocol => protocol) + ".git"
|
opts = {:host => host, :protocol => protocol, :user => auth_user.authentication_token, :password => ''}
|
||||||
|
Rails.application.routes.url_helpers.project_url(self.owner.uname, self.name, opts) + ".git"
|
||||||
#path #share by NFS
|
#path #share by NFS
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -86,8 +86,13 @@ class User < Avatar
|
||||||
class << self
|
class << self
|
||||||
def find_for_database_authentication(warden_conditions)
|
def find_for_database_authentication(warden_conditions)
|
||||||
conditions = warden_conditions.dup
|
conditions = warden_conditions.dup
|
||||||
|
|
||||||
login = conditions.delete(:login)
|
login = conditions.delete(:login)
|
||||||
where(conditions).where(["lower(uname) = :value OR lower(email) = :value", { :value => login.downcase }]).first
|
pass = conditions.delete(:pass)
|
||||||
|
user = User.where(conditions).where(:authentication_token => login).first ||
|
||||||
|
User.where(conditions).where(["lower(uname) = :value OR lower(email) = :value", { :value => login.downcase}]).first
|
||||||
|
return user if !user.access_locked? and (user.authentication_token == login or user.valid_password?(pass))
|
||||||
|
nil
|
||||||
end
|
end
|
||||||
|
|
||||||
def new_with_session(params, session)
|
def new_with_session(params, session)
|
||||||
|
|
|
@ -51,7 +51,7 @@ module Rosa
|
||||||
config.encoding = "utf-8"
|
config.encoding = "utf-8"
|
||||||
|
|
||||||
# Configure sensitive parameters which will be filtered from the log file.
|
# Configure sensitive parameters which will be filtered from the log file.
|
||||||
config.filter_parameters += [:password, :secret]
|
config.filter_parameters += [:password, :secret, :authentication_token]
|
||||||
|
|
||||||
# Enable the asset pipeline
|
# Enable the asset pipeline
|
||||||
config.assets.enabled = true
|
config.assets.enabled = true
|
||||||
|
|
|
@ -12,7 +12,7 @@ module Grack
|
||||||
return render_not_found if project.blank?
|
return render_not_found if project.blank?
|
||||||
|
|
||||||
return ::Rack::Auth::Basic.new(@app) do |u, p|
|
return ::Rack::Auth::Basic.new(@app) do |u, p|
|
||||||
user = User.find_for_database_authentication(:login => u) and !user.access_locked? and user.valid_password?(p) and
|
user = User.find_for_database_authentication({:login => u, :pass => p}) and
|
||||||
ability = ::Ability.new(user) and ability.can?(action, project) # project.members.include?(user)
|
ability = ::Ability.new(user) and ability.can?(action, project) # project.members.include?(user)
|
||||||
end.call(env) unless project.public? and read? # need auth
|
end.call(env) unless project.public? and read? # need auth
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue