lib/geminabox/server.rb in geminabox-0.13.1 vs lib/geminabox/server.rb in geminabox-0.13.2
- old
+ new
@@ -17,11 +17,12 @@
:gem_permissions,
:allow_delete,
:lockfile,
:retry_interval,
:rubygems_proxy,
- :ruby_gems_url
+ :ruby_gems_url,
+ :allow_upload
)
if Server.rubygems_proxy
use Proxy::Hostess
else
@@ -35,10 +36,14 @@
def allow_delete?
allow_delete
end
+ def allow_upload?
+ allow_upload
+ end
+
def fixup_bundler_rubygems!
return if @post_reset_hook_applied
Gem.post_reset{ Gem::Specification.all = nil } if defined? Bundler and Gem.respond_to? :post_reset
@post_reset_hook_applied = true
end
@@ -83,10 +88,12 @@
end
get '/' do
@gems = load_gems
@index_gems = index_gems(@gems)
+ @allow_upload = self.class.allow_upload?
+ @allow_delete = self.class.allow_delete?
erb :index
end
get '/atom.xml' do
@gems = load_gems
@@ -100,10 +107,14 @@
get '/api/v1/dependencies.json' do
query_gems.any? ? gem_list.to_json : {}
end
get '/upload' do
+ unless self.class.allow_upload?
+ error_response(403, 'Gem uploading is disabled')
+ end
+
erb :upload
end
get '/reindex' do
serialize_update do
@@ -131,10 +142,14 @@
end
end
post '/upload' do
+ unless self.class.allow_upload?
+ error_response(403, 'Gem uploading is disabled')
+ end
+
if params[:file] && params[:file][:filename] && (tmpfile = params[:file][:tempfile])
serialize_update do
handle_incoming_gem(Geminabox::IncomingGem.new(tmpfile))
end
else
@@ -142,9 +157,13 @@
halt [400, erb(:upload)]
end
end
post '/api/v1/gems' do
+ unless self.class.allow_upload?
+ error_response(403, 'Gem uploading is disabled')
+ end
+
begin
serialize_update do
handle_incoming_gem(Geminabox::IncomingGem.new(request.body))
end
rescue Object => o