Merge pull request #2258 from jasl8r/issue-2193-grack-read-only-access

Support read-only access for git over HTTP

Merge pull request #2258 from jasl8r/issue-2193-grack-read-only-access
Support read-only access for git over HTTP
Dmitriy Zaporozhets
2 parents 439d03bb 6cf5d7c9
Showing 1 changed file with 2 additions and 2 deletions Show diff stats
lib/gitlab/backend/grack_auth.rb
@@ -38,12 +38,12 @@ module Grack
     end
     def validate_get_request
-      true
+      can?(user, :download_code, project)
     end
     def validate_post_request
       if @request.path_info.end_with?('git-upload-pack')
-        can?(user, :push_code, project)
+        can?(user, :download_code, project)
       elsif @request.path_info.end_with?('git-receive-pack')
         action = if project.protected_branch?(current_ref)
                    :push_code_to_protected_branches
	@@ -38,12 +38,12 @@ module Grack		@@ -38,12 +38,12 @@ module Grack
38	end	38	end
39		39
40	def validate_get_request	40	def validate_get_request
41	- true	41	+ can?(user, :download_code, project)
42	end	42	end
43		43
44	def validate_post_request	44	def validate_post_request
45	if @request.path_info.end_with?('git-upload-pack')	45	if @request.path_info.end_with?('git-upload-pack')
46	- can?(user, :push_code, project)	46	+ can?(user, :download_code, project)
47	elsif @request.path_info.end_with?('git-receive-pack')	47	elsif @request.path_info.end_with?('git-receive-pack')
48	action = if project.protected_branch?(current_ref)	48	action = if project.protected_branch?(current_ref)
49	:push_code_to_protected_branches	49	:push_code_to_protected_branches