Update. Also check for valid e-mail strings:
----------------------------------
#!/opt/gitlab/embedded/bin/ruby
# @backup
# Fix the PATH so that gitlab-shell can find git-upload-pack and friends.
ENV['PATH'] = '/opt/gitlab/bin:/opt/gitlab/embedded/bin:' + ENV['PATH']
#!/usr/bin/env ruby
refs = ARGF.read
key_id = ENV['GL_ID']
repo_path = Dir.pwd
# get sha references
temp = refs.split(" ")
shaold = temp[0]
shanew = temp[1]
require '/opt/gitlab/embedded/service/gitlab-shell/lib/gitlab_access'
require '/opt/gitlab/embedded/service/gitlab-shell/lib/gitlab_custom_hook'
# read the remote user which is pushing
# distinguish between key-id (ssh access) and user-id (http access)
user = {}
if key_id =~ /\Akey\-\d+\Z/
# discover the user though its ssh key using GitLab shell function
require '/opt/gitlab/embedded/service/gitlab-shell/lib/gitlab_net'
api = GitlabNet.new
user = api.discover(key_id)
temp = `psql -h localhost -At -d gitlab -c "select email from users where
username='#{user['username']}';"`
temp = temp.encode('UTF-8', :invalid => :replace).strip
user["email"] = temp
elsif key_id =~ /\Auser\-\d+\Z/
# read user data directly from database table
dbid = key_id.gsub("user-", "")
temp = `psql -h localhost -At -d gitlab -c "select name from users where
id=#{dbid};"`
temp = temp.encode('UTF-8', :invalid => :replace).strip
user["name"] = temp
temp = `psql -h localhost -At -d gitlab -c "select username from users
where id=#{dbid};"`
temp = temp.encode('UTF-8', :invalid => :replace).strip
user["username"] = temp
temp = `psql -h localhost -At -d gitlab -c "select email from users where
id=#{dbid};"`
temp = temp.encode('UTF-8', :invalid => :replace).strip
user["email"] = temp
else
puts "Unknown GL_ID response: " + key_id
exit 1
end
## cn = committers name from SHA reference
cn = `git log #{shanew} --pretty=format:%cn --max-count=1`
## ce = committers email from SHA reference
ce = `git log #{shanew} --pretty=format:%ce --max-count=1`
## glu = GitLab usernames
glu = `psql -h localhost -At -d gitlab -c "select username from users order
by id;"`
glu = glu.encode('UTF-8', :invalid => :replace).strip
glu = glu.split("\n")
## gln = GitLab names
gln = `psql -h localhost -At -d gitlab -c "select name from users order by
id;"`
gln = gln.encode('UTF-8', :invalid => :replace).strip
gln = gln.split("\n")
## gln = GitLab emails
glm = `psql -h localhost -At -d gitlab -c "select email from users order by
id;"`
glm = glm.encode('UTF-8', :invalid => :replace).strip
glm = glm.split("\n")
## Provide some info to pusher
puts "Remote account is " + user['name'] + " (" + user['username'] + ", " +
user['email'] + ")"
## reject push if email is invalid format
pattern = /^[A-Za-z0-9]+[A-Za-z0-9._]*+@[A-Za-z0-9]+\.[A-Za-z]{2,4}$/
unless pattern.match(ce)
puts ""
puts "Rejecting push because of malformed e-mail '#{ce}'"
puts "Use \"git config user.email <email>\" to set things right"
puts "Note that you must perform a fresh commit do make the changes
active"
puts ""
exit 1
end
## loop all GitLab usernames and compare with committers name
found = 0
for index in 0..glu.length do
if (cn == glu[index]) or (cn == gln[index])
if (ce != glm[index])
## the main e-mail does not match, check for other configure e-mails
glmo = `psql -h localhost -At -d gitlab -c "select emails.email from
users,emails where users.username='#{user['username']}' and
users.id=emails.user_id;"`
glmo = glmo.encode('UTF-8', :invalid => :replace).strip
glmo = glmo.split("\n")
if !glmo.include?(ce)
puts ""
puts "Committers e-mail '#{ce}' does not match GitLab account"
puts "Use \"git config user.email <email>\" to set things right"
puts "Note that you must perform a fresh commit do make the changes
active"
puts "Or you could configure additional e-mails in your GitLab
account"
puts ""
exit 1
end
end
found = 1
break
end
end
## reject push if last committer is unknown
if found == 0
puts ""
puts "Rejecting push because of unknown committer '#{cn}'"
puts "Use \"git config user.name <account>\" to set things right"
puts "Note that you must perform a fresh commit do make the changes
active"
puts ""
exit 1
end
## the original GitLab code
if GitlabAccess.new(repo_path, key_id, refs).exec &&
GitlabCustomHook.new.pre_receive(refs, repo_path)
exit 0
else
exit 1
end
--
You received this message because you are subscribed to the Google Groups
"GitLab" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/gitlabhq/9c1847ab-ae3f-4fa8-a6d7-d085e6bd2387%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
