Fix Git-over-HTTP rejections
What does this MR do?
It fixes the HTTP status code and rendered error message when rejecting Git access to public projects (it is always 404 when it should sometimes be 401 or a different error message). See https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11259#note_29331791 for when this was discovered.
- Pushes authorization logic out of GitHttpController and into GitAccess
- Surfaces GitAccess error messages directly, instead of always “Access denied”. We already do this in EE
- Do not short-circuit GitAccess usage, e.g. the “Project not found” error
- Makes HTTP status codes more accurate
- Adds more tests to ensure Git-over-HTTP behaves as desired
- Tests Git-over-HTTP error messages as well as status codes
- Fixes some broken tests
Why was this MR needed?
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11259#note_29331791
Does this MR meet the acceptance criteria?
-
Changelog entry added, if necessary -
Documentation created/updated -
API support added - Tests
-
Added for this feature/bug -
All builds are passing
-
-
Conform by the merge request performance guides -
Conform by the style guides -
Branch has no merge conflicts with master(if it does - rebase it please) -
Squashed related commits together
Edited by username-removed-1144264