Skip to content

Commit

Permalink
Allow only authorized user to clone private projects
Browse files Browse the repository at this point in the history
  • Loading branch information
sonalkr132 committed Jun 13, 2015
1 parent 3a8e680 commit 7c3b9b8
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 25 deletions.
9 changes: 9 additions & 0 deletions app/models/user.rb
Original file line number Diff line number Diff line change
Expand Up @@ -64,4 +64,13 @@ def git_author_params
time: Time.now
}
end

# checks if the user if the owner of the passed project
def owner?(project)
if id == project.user.id
true
else
false
end
end
end
24 changes: 0 additions & 24 deletions config.ru
Original file line number Diff line number Diff line change
@@ -1,29 +1,5 @@

# This file is used by Rack-based servers to start the application.

# require './lib/rack/git_http'

require ::File.expand_path('../config/environment', __FILE__)
run Glitter::Application

# map '/health' do
# health = proc do |env|
# [200, { "Content-Type" => "text/html" }, ["1"]]
# end
# run health
# end


# map '/git' do
# use Rack::ShowExceptions

# config = {
# :project_root => "#{ENV["OPENSHIFT_DATA_DIR"]}/repos",
# :git_path => '/usr/bin/git',
# :upload_pack => true,
# :receive_pack => true,
# }

# run GitHttp::App.new(config)

# end
4 changes: 3 additions & 1 deletion lib/rack/grack_auth.rb
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,9 @@ def project_by_path(path)
def authorized_request?
case git_cmd
when *%w{ git-upload-pack git-upload-archive }
unless project.private
if user
user.owner?(project)
elsif !project.private
# Allow clone/fetch for public projects
true
else
Expand Down

0 comments on commit 7c3b9b8

Please sign in to comment.