Fixes grack authentification under relative_url_root

Ref: https://github.com/gitlabhq/gitlabhq/commit/e6159b8725f99af78f446f8d33fa0e52b7780430 Ref: https://github.com/gitlabhq/gitlabhq/pull/3204 Ref: https://github.com/gitlabhq/gitlabhq/issues/1228 Add Rails' variable in application.rb to support relative url This variable is used by assets compilation and other modules. Note that user needs to change application.rb too Restrict session cookie to the relative path if set. Ref: https://github.com/gitlabhq/gitlabhq/commit/2c2f1e31856a4decdae469974f5bea8245316f7e Fix Update attachment_uploader.rb bug with relative URL See: https://github.com/gitlabhq/gitlabhq/commit/161afda3fa4fca58f396e9c3acbd72bc14490ace Fix Wall relative bug with attachement files (javascript)

Fixes grack authentification under relative_url_root
Ref: https://github.com/gitlabhq/gitlabhq/commit/e6159b8725f99af78f446f8d33fa0e52b7780430 Ref: https://github.com/gitlabhq/gitlabhq/pull/3204 Ref: https://github.com/gitlabhq/gitlabhq/issues/1228 Add Rails' variable in application.rb to support relative url This variable is used by assets compilation and other modules. Note that user needs to change application.rb too Restrict session cookie to the relative path if set. Ref: https://github.com/gitlabhq/gitlabhq/commit/2c2f1e31856a4decdae469974f5bea8245316f7e Fix Update attachment_uploader.rb bug with relative URL See: https://github.com/gitlabhq/gitlabhq/commit/161afda3fa4fca58f396e9c3acbd72bc14490ace Fix Wall relative bug with attachement files (javascript)
amouhzi · Hassan Amouhzi
1 parent 55582047
Showing 6 changed files with 18 additions and 4 deletions Show diff stats
app/assets/javascripts/wall.js.coffee
app/uploaders/attachment_uploader.rb
config/application.rb
config/gitlab.yml.example
config/initializers/session_store.rb
lib/gitlab/backend/grack_auth.rb
@@ -64,7 +64,7 @@ class Wall
     template = template.replace('{{text}}', simpleFormat(note.body))
     if note.attachment
-      file = '<i class="icon-paper-clip"/><a href="/files/note/' + note.id + '/' + note.attachment + '">' + note.attachment + '</a>'
+      file = '<i class="icon-paper-clip"/><a href="' + gon.relative_url_root + '/files/note/' + note.id + '/' + note.attachment + '">' + note.attachment + '</a>'
     else
       file = ''
     template = template.replace('{{file}}', file)
@@ -21,7 +21,7 @@ class AttachmentUploader &lt; CarrierWave::Uploader::Base
   end
   def secure_url
-    "/files/#{model.class.to_s.underscore}/#{model.id}/#{file.filename}"
+    Gitlab.config.gitlab.relative_url_root + "/files/#{model.class.to_s.underscore}/#{model.id}/#{file.filename}"
   end
   def file_storage?
@@ -67,5 +67,9 @@ module Gitlab
     # Version of your assets, change this if you want to expire all your assets
     config.assets.version = '1.0'
+    
+    # Uncomment this if you are using a subdirectory
+    # Note that ENV['RAILS_RELATIVE_URL_ROOT'] in config/puma.rb may need to be changed
+    # config.relative_url_root = "/gitlab"
   end
 end
@@ -21,6 +21,7 @@ production: &amp;base
     # WARNING: This feature is no longer supported
     # Uncomment and customize to run in non-root path
     # Note that ENV['RAILS_RELATIVE_URL_ROOT'] in config/puma.rb may need to be changed
+    # You need to uncomment config.relative_url_root in config/application.rb
     # relative_url_root: /gitlab
     # Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
@@ -2,7 +2,8 @@
 Gitlab::Application.config.session_store :cookie_store, key: '_gitlab_session',
                                                       secure: Gitlab::Application.config.force_ssl,
-                                                      httponly: true
+                                                      httponly: true,
+                                                      path: (Rails.application.config.relative_url_root.nil?) ? '/' : Rails.application.config.relative_url_root
 # Use the database for sessions instead of the cookie-based default,
 # which shouldn't be used to store highly confidential information
@@ -15,7 +15,15 @@ module Grack
       @auth = Request.new(env)
       # Need this patch due to the rails mount
-      @env['PATH_INFO'] = @request.path
+      
+      # Need this if under RELATIVE_URL_ROOT
+      unless Gitlab.config.gitlab.relative_url_root.empty?
+        # If website is mounted using relative_url_root need to remove it first
+        @env['PATH_INFO'] = @request.path.sub(Gitlab.config.gitlab.relative_url_root,'')
+      else
+        @env['PATH_INFO'] = @request.path
+      end
+      
       @env['SCRIPT_NAME'] = ""
       auth!
	@@ -64,7 +64,7 @@ class Wall		@@ -64,7 +64,7 @@ class Wall
64	template = template.replace('{{text}}', simpleFormat(note.body))	64	template = template.replace('{{text}}', simpleFormat(note.body))
65		65
66	if note.attachment	66	if note.attachment
67	- file = '<i class="icon-paper-clip"/><a href="/files/note/' + note.id + '/' + note.attachment + '">' + note.attachment + '</a>'	67	+ file = '<i class="icon-paper-clip"/><a href="' + gon.relative_url_root + '/files/note/' + note.id + '/' + note.attachment + '">' + note.attachment + '</a>'
68	else	68	else
69	file = ''	69	file = ''
70	template = template.replace('{{file}}', file)	70	template = template.replace('{{file}}', file)
	@@ -21,7 +21,7 @@ class AttachmentUploader < CarrierWave::Uploader::Base		@@ -21,7 +21,7 @@ class AttachmentUploader < CarrierWave::Uploader::Base
21	end	21	end
22		22
23	def secure_url	23	def secure_url
24	- "/files/#{model.class.to_s.underscore}/#{model.id}/#{file.filename}"	24	+ Gitlab.config.gitlab.relative_url_root + "/files/#{model.class.to_s.underscore}/#{model.id}/#{file.filename}"
25	end	25	end
26		26
27	def file_storage?	27	def file_storage?
	@@ -21,6 +21,7 @@ production: &base		@@ -21,6 +21,7 @@ production: &base
21	# WARNING: This feature is no longer supported	21	# WARNING: This feature is no longer supported
22	# Uncomment and customize to run in non-root path	22	# Uncomment and customize to run in non-root path
23	# Note that ENV['RAILS_RELATIVE_URL_ROOT'] in config/puma.rb may need to be changed	23	# Note that ENV['RAILS_RELATIVE_URL_ROOT'] in config/puma.rb may need to be changed
		24	+ # You need to uncomment config.relative_url_root in config/application.rb
24	# relative_url_root: /gitlab	25	# relative_url_root: /gitlab
25		26
26	# Uncomment and customize if you can't use the default user to run GitLab (default: 'git')	27	# Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
	@@ -2,7 +2,8 @@		@@ -2,7 +2,8 @@
2		2
3	Gitlab::Application.config.session_store :cookie_store, key: '_gitlab_session',	3	Gitlab::Application.config.session_store :cookie_store, key: '_gitlab_session',
4	secure: Gitlab::Application.config.force_ssl,	4	secure: Gitlab::Application.config.force_ssl,
5	- httponly: true	5	+ httponly: true,
		6	+ path: (Rails.application.config.relative_url_root.nil?) ? '/' : Rails.application.config.relative_url_root
6		7
7	# Use the database for sessions instead of the cookie-based default,	8	# Use the database for sessions instead of the cookie-based default,
8	# which shouldn't be used to store highly confidential information	9	# which shouldn't be used to store highly confidential information
	@@ -15,7 +15,15 @@ module Grack		@@ -15,7 +15,15 @@ module Grack
15	@auth = Request.new(env)	15	@auth = Request.new(env)
16		16
17	# Need this patch due to the rails mount	17	# Need this patch due to the rails mount
18	- @env['PATH_INFO'] = @request.path	18	+
		19	+ # Need this if under RELATIVE_URL_ROOT
		20	+ unless Gitlab.config.gitlab.relative_url_root.empty?
		21	+ # If website is mounted using relative_url_root need to remove it first
		22	+ @env['PATH_INFO'] = @request.path.sub(Gitlab.config.gitlab.relative_url_root,'')
		23	+ else
		24	+ @env['PATH_INFO'] = @request.path
		25	+ end
		26	+
19	@env['SCRIPT_NAME'] = ""	27	@env['SCRIPT_NAME'] = ""
20		28
21	auth!	29	auth!