gitlabhq
diff --git a/‎CHANGELOG‎
Lines changed: 3 additions & 0 deletions b/‎CHANGELOG‎
Lines changed: 3 additions & 0 deletions
diff --git a/‎VERSION‎
Lines changed: 1 addition & 1 deletion b/‎VERSION‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎lib/gitlab_access.rb‎
Lines changed: 2 additions & 6 deletions b/‎lib/gitlab_access.rb‎
Lines changed: 2 additions & 6 deletions
diff --git a/‎lib/object_dirs_helper.rb‎
Lines changed: 39 additions & 0 deletions b/‎lib/object_dirs_helper.rb‎
Lines changed: 39 additions & 0 deletions
diff --git a/‎spec/object_dirs_helper_spec.rb‎
Lines changed: 95 additions & 0 deletions b/‎spec/object_dirs_helper_spec.rb‎
Lines changed: 95 additions & 0 deletions
@@ -1,3 +1,6 @@
+v5.9.4
+ - Add relative git object dir envvars to check access request
+
 v5.9.3
  - Expose GitLab username to hooks in `GL_USERNAME` environment variable
 
 
@@ -1 +1 @@
-5.9.3
+5.9.4
@@ -3,6 +3,7 @@
 require_relative 'gitlab_access_status'
 require_relative 'names_helper'
 require_relative 'gitlab_metrics'
+require_relative 'object_dirs_helper'
 require 'json'
 
 class GitlabAccess
@@ -23,12 +24,7 @@ def initialize(gl_repository, repo_path, actor, changes, protocol)
 
  def exec
  status = GitlabMetrics.measure('check-access:git-receive-pack') do
- env = {
- "GIT_ALTERNATE_OBJECT_DIRECTORIES" => ENV["GIT_ALTERNATE_OBJECT_DIRECTORIES"],
- "GIT_OBJECT_DIRECTORY" => ENV["GIT_OBJECT_DIRECTORY"]
- }
-
- api.check_access('git-receive-pack', @gl_repository, @repo_path, @actor, @changes, @protocol, env: env.to_json)
+ api.check_access('git-receive-pack', @gl_repository, @repo_path, @actor, @changes, @protocol, env: ObjectDirsHelper.all_attributes.to_json)
  end
 
  raise AccessDeniedError, status.message unless status.allowed?
 
@@ -0,0 +1,39 @@
+require 'pathname'
+
+class ObjectDirsHelper
+ class << self
+ def all_attributes
+ {
+ "GIT_ALTERNATE_OBJECT_DIRECTORIES" => absolute_alt_object_dirs,
+ "GIT_ALTERNATE_OBJECT_DIRECTORIES_RELATIVE" => relative_alt_object_dirs,
+ "GIT_OBJECT_DIRECTORY" => absolute_object_dir,
+ "GIT_OBJECT_DIRECTORY_RELATIVE" => relative_object_dir
+ }
+ end
+
+ def absolute_object_dir
+ ENV['GIT_OBJECT_DIRECTORY']
+ end
+
+ def relative_object_dir
+ relative_path(absolute_object_dir)
+ end
+
+ def absolute_alt_object_dirs
+ ENV['GIT_ALTERNATE_OBJECT_DIRECTORIES'].to_s.split(File::PATH_SEPARATOR)
+ end
+
+ def relative_alt_object_dirs
+ absolute_alt_object_dirs.map { |dir| relative_path(dir) }.compact
+ end
+
+ private
+
+ def relative_path(absolute_path)
+ return if absolute_path.nil?
+
+ repo_dir = Dir.pwd
+ Pathname.new(absolute_path).relative_path_from(Pathname.new(repo_dir)).to_s
+ end
+ end
+end
@@ -0,0 +1,95 @@
+require_relative 'spec_helper'
+require_relative '../lib/object_dirs_helper'
+
+describe ObjectDirsHelper do
+ before do
+ allow(Dir).to receive(:pwd).and_return('/home/git/repositories/foo/bar.git')
+ end
+
+ describe '.all_attributes' do
+ it do
+ expect(described_class.all_attributes.keys).to include(*%w[
+ GIT_OBJECT_DIRECTORY
+ GIT_OBJECT_DIRECTORY_RELATIVE
+ GIT_ALTERNATE_OBJECT_DIRECTORIES
+ GIT_ALTERNATE_OBJECT_DIRECTORIES_RELATIVE
+ ])
+ end
+ end
+
+ describe '.absolute_object_dir' do
+ subject { described_class.absolute_object_dir }
+
+ context 'when GIT_OBJECT_DIRECTORY is set' do
+ let(:dir) { '/home/git/repositories/foo/bar.git/./objects' }
+
+ before do
+ allow(ENV).to receive(:[]).with('GIT_OBJECT_DIRECTORY').and_return(dir)
+ end
+
+ it { expect(subject).to eq(dir) }
+ end
+
+ context 'when GIT_OBJECT_DIRECTORY is not set' do
+ it { expect(subject).to be_nil }
+ end
+ end
+
+ describe '.absolute_alt_object_dirs' do
+ subject { described_class.absolute_alt_object_dirs }
+
+ context 'when GIT_ALTERNATE_OBJECT_DIRECTORIES is set' do
+ let(:dirs) { [
+ '/home/git/repositories/foo/bar.git/./incoming-UKU6Gl',
+ '/home/git/repositories/foo/bar.git/./incoming-AcU7Qr'
+ ] }
+
+ before do
+ allow(ENV).to receive(:[]).with('GIT_ALTERNATE_OBJECT_DIRECTORIES').and_return(dirs.join(File::PATH_SEPARATOR))
+ end
+
+ it { expect(subject).to eq(dirs) }
+ end
+
+ context 'when GIT_ALTERNATE_OBJECT_DIRECTORIES is not set' do
+ it { expect(subject).to eq([]) }
+ end
+ end
+
+ describe '.relative_alt_object_dirs' do
+ subject { described_class.relative_alt_object_dirs }
+
+ context 'when GIT_ALTERNATE_OBJECT_DIRECTORIES is set' do
+ let(:dirs) { [
+ '/home/git/repositories/foo/bar.git/./objects/incoming-UKU6Gl',
+ '/home/git/repositories/foo/bar.git/./objects/incoming-AcU7Qr'
+ ] }
+
+ before do
+ allow(ENV).to receive(:[]).with('GIT_ALTERNATE_OBJECT_DIRECTORIES').and_return(dirs.join(File::PATH_SEPARATOR))
+ end
+
+ it { expect(subject).to eq(['objects/incoming-UKU6Gl', 'objects/incoming-AcU7Qr']) }
+ end
+
+ context 'when GIT_ALTERNATE_OBJECT_DIRECTORIES is not set' do
+ it { expect(subject).to eq([]) }
+ end
+ end
+
+ describe '.relative_object_dir' do
+ subject { described_class.relative_object_dir }
+
+ context 'when GIT_OBJECT_DIRECTORY is set' do
+ before do
+ allow(ENV).to receive(:[]).with('GIT_OBJECT_DIRECTORY').and_return('/home/git/repositories/foo/bar.git/./objects')
+ end
+
+ it { expect(subject).to eq('objects') }
+ end
+
+ context 'when GIT_OBJECT_DIRECTORY is not set' do
+ it { expect(subject).to be_nil }
+ end
+ end
+end
-Original file line number
+Diff line change
@@ @@ -1,3 +1,6 @@ @@
 +v5.9.4
 + - Add relative git object dir envvars to check access request
++
 v5.9.3
  - Expose GitLab username to hooks in `GL_USERNAME` environment variable