Sha256: 057c4fbe4b224e7530103f8659f2bf03d7e36bd6838020f3e4eec4dcc5478cd9
Contents?: true
Size: 1.48 KB
Versions: 5
Compression:
Stored size: 1.48 KB
Contents
module GitWit
module Commands
module GitShell
GIT_SHELL_COMMAND_RE = /^(git-[^\s]+)\s+'([^']+\.git)'/
GIT_SHELL_COMMANDS = %w(git-upload-pack git-receive-pack git-upload-archive)
def git_shell(user, cmd = nil, repo = nil)
@command, @repository, @user = cmd, repo, nil
exec_with_sudo!
boot_app
parse_ssh_original_command if ENV["SSH_ORIGINAL_COMMAND"].present?
validate_git_shell_command
authenticate user
authorize
run_git_shell
end
protected
def parse_ssh_original_command
m = GIT_SHELL_COMMAND_RE.match ENV["SSH_ORIGINAL_COMMAND"]
nothing, @command, @repository = m.to_a if m.present?
end
def validate_git_shell_command
unless GIT_SHELL_COMMANDS.include? @command
abort "Unknown git shell command: #{@command}"
end
end
def authenticate(user)
@user = GitWit.user_for_authentication user
abort "Anonymous access denied via SSH" unless @user.present?
end
def authorize
op = @command == "git-receive-pack" ? :write : :read
abort "Unauthorized" unless GitWit.authorize op, @user, @repository
end
def run_git_shell
repo_path = File.expand_path File.join(GitWit.repositories_path, @repository)
cmd = [GitWit.git_path, "shell", "-c", "#{@command} '#{repo_path}'"]
Rails.logger.info "GitWit SSH cmd: #{cmd.join " "}"
exec *cmd
end
end
end
end
Version data entries
5 entries across 5 versions & 1 rubygems