GitLab has a mechanism that allows CI to clone repositories via HTTP
even when the HTTP protocol is disabled. This works as expected
when a project is private or internal. However, when a project is
public CI gets an error message that HTTP is not allowed. This
happens because Git only sends auth in a subsequent request after a
401 is returned first. For public projects, GitLab grabs onto that
unauthenticated request and sends it through since it recognizes
that Guests are ordinarily allowed to access the repository.
Later on this leads to a 403 since HTTP protocol is disabled.
Fix this by only continuing with unauthenticated requests when
HTTP is allowed.

Bob Van Landuyt :neckbeard: authored 5 years ago and Douwe Maan committed 5 years ago

This makes sure that we always have a repository type when trying to
parse a repository from a path.

This is needed because sometimes we want to perform access checks as
if the project already existed, for example when creating a project on
push.

Before this we were only doing that when accessing git over http, this
makes sure it also works correctly when accessing git over SSH

This changes the repository type from a binary `wiki?` to a type. So
we can have more than 2 repository types.

Now everywhere we called `.wiki?` and expected a boolean, we check
that type.

Enables frozen string for some vestigial files as
well as the following:

* app/controllers/projects/**/*.rb
* app/controllers/sherlock/**/*.rb
* app/controllers/snippets/**/*.rb
* app/controllers/users/**/*.rb

Partially addresses #47424.

Tiago Botelho authored 6 years ago and Jose Ivan Vargas Lopez committed 6 years ago

Specify environment actions to distinguish between metrics and every other environment related actions

Devise sets `current_user`, but not all controllers authenticate users by
session tokens. Try to use the controller-defined `authenticated_user` if
`current_user` is not available.

Closes gitlab-org/gitlab-ee#3611

If internal auth is disabled and LDAP is not configured on the instance,
present the user with a message to create a personal access token if his
Git over HTTP auth attempt fails.

add complete changelog for !8949

Also create a new WorkhorseRequest concern

Signed-off-by: Rémy Coutable <remy@rymai.me>

Ensure external users are not able to clone disabled repositories.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/23788



See merge request !2017

Signed-off-by: Rémy Coutable <remy@rymai.me>

Revert "Revert all changes introduced by https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6043"

This reverts commit 6d43c95b.

Use special characters for `lfs+deploy-key` to prevent a someone from creating a user with this username, and method name refactoring.

- Required on the GitLab Rails side is mostly authentication and API related.