-
Notifications
You must be signed in to change notification settings - Fork 33
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
grack and auth #302
grack and auth #302
Conversation
sonalkr132
commented
Jun 10, 2015
- integrate gitlab-grack
- override auth of grack
- allow cloning of only public projects
- auth for cloning of private projects
- auth for push to projects
- change path of bare repo and sync it with non-bare one
- generate commit and inspire images
- test for auth before clone, push, pull and fetch
- allow owner of project to add collaborators
- test project access
Previous exisiting implementation was outdated and didn't use grack adapter. Current state is lockdown, rack::auth::basic needs to be overridden for auth.
Override grack::auth module to add authentication. If user tries to clone private ones he will be asked to enter his username and password. Auth is working, however cloning of private projects is still in locked downstate. Cloning of public projects doesn't ask user to login. Only check is that project exists in our DB. Push command template for auth is also added.
Check if user is owner of the project when git sends push request or clone request for private projects.
Changed path of barer repo from repos/username/project/bare.git to repos/username/project.git, so that user can use conventional push url: git push http://localhost:3000/username/project.git branch_name Push form terminal is made to bare one, which required that non-bare and bare are synced. Since rugged doesn't support local push to non-bare repo, first we need to fetch and then update the branch ref with fetched remote ref. Override of grack::server was required cause we need to sync only after push to bare was successful. <- May need refactoring
Last image each commit and its parent's diff is used to generate the thumbnails. Last image of repo.head.target and its parent's diff is use to generate the inspire images. Some changes were made in project.rb (model) file so that generation of images after push form shell and changes form web UI are consistent.
…or master Updating inspire image everytime an image is updated on any branch would require tracking of last updated branch. <- Possible TODO
Here is deployment: http://ruby-glitterfollowers.rhcloud.com Please take out some time to test it and break it. I have covered all the cases I could think of, however I am sure there are cases left where it will break.
Possible changes/refactoring:
Help: |
Forward slash in repo_path was causing git commands to fail on openshift. Also fixed other tests on project model due to new changes.
- get_context moved to application controller so that both issues and project_members controller can share it. - Current_user is added as owner when he creates a new project. - Name of foreign for project was changed from project_id to gallery_id. it was conflicting with other things named project_id - Project owners can search and add new users as owner, collaborator and reporters on project's setting page. There can be only one relationship between a project and a user.
Before this commit, logic of checking project being private was in view, which was not safe. It also added ability of members of projects. Collaborator and owners have read and write access to project from web UI. Guests and reporters (in case of private projects) have read access. Only project owners can delete projects.
Collaborators and owners can perform all git commands, while reporters can only clone and fetch. For now only roles that can be added are collaborator and reporter. Addition of owner would mean supporting transfering of ownership. Other changes: check if diff object is nil or one for creation of dir. If so then find diff in next parent-commit pair. Inspire_image generation was giving: ActionView::Template::Error (undefined method `new_file' for nil:NilClass)
Create action of ProjectMember is as such because we need to allow only project owners to add members, however there is no way ability model can know about three objects (project, user and project_member)
…bers feature Exisiting tests of project and issues controller and ability model were modified to incorperate addition of members to projects. A new helper for spec was made for addition of project members cause it was used at quite a few places across different spec files.
I have updated deployment http://ruby-glitterfollowers.rhcloud.com/ You can test following users for private project: addie/Batman username: reporter For further details of ability please read spec/models/ability_spec.rb NOTE: You can see private projects on index page. <- will fix in a new PR |
Other changes: Allow only members to see their member_projects. If we allow others to see it as well then we would need to take care of quite a few things. Show public contribution <- Nice to have and later