lfsapi: stop writing url auth to access keys
This commit is contained in:
parent
b6b252ff2a
commit
4a8f0463d5
@ -303,7 +303,7 @@ func TestGetCreds(t *testing.T) {
|
||||
Href: "https://git-server.com/repo/lfs/locks",
|
||||
Config: map[string]string{
|
||||
"lfs.url": "https://user@git-server.com/repo/lfs",
|
||||
"lfs.https://user@git-server.com/repo/lfs.access": "basic",
|
||||
"lfs.https://git-server.com/repo/lfs.access": "basic",
|
||||
},
|
||||
Expected: getCredsExpected{
|
||||
Access: BasicAccess,
|
||||
@ -348,7 +348,7 @@ func TestGetCreds(t *testing.T) {
|
||||
Href: "https://git-server.com/repo/locks",
|
||||
Config: map[string]string{
|
||||
"lfs.url": "https://user:pass@git-server.com/repo",
|
||||
"lfs.https://user:pass@git-server.com/repo.access": "basic",
|
||||
"lfs.https://git-server.com/repo.access": "basic",
|
||||
},
|
||||
Expected: getCredsExpected{
|
||||
Access: BasicAccess,
|
||||
|
@ -182,20 +182,23 @@ func (e *endpointGitFinder) AccessFor(rawurl string) Access {
|
||||
return NoneAccess
|
||||
}
|
||||
|
||||
accessurl := urlWithoutAuth(rawurl)
|
||||
|
||||
e.accessMu.Lock()
|
||||
defer e.accessMu.Unlock()
|
||||
|
||||
if cached, ok := e.urlAccess[rawurl]; ok {
|
||||
if cached, ok := e.urlAccess[accessurl]; ok {
|
||||
return cached
|
||||
}
|
||||
|
||||
key := fmt.Sprintf("lfs.%s.access", rawurl)
|
||||
e.urlAccess[rawurl] = fetchGitAccess(e.git, key)
|
||||
return e.urlAccess[rawurl]
|
||||
key := fmt.Sprintf("lfs.%s.access", accessurl)
|
||||
e.urlAccess[accessurl] = fetchGitAccess(e.git, key)
|
||||
return e.urlAccess[accessurl]
|
||||
}
|
||||
|
||||
func (e *endpointGitFinder) SetAccess(rawurl string, access Access) {
|
||||
key := fmt.Sprintf("lfs.%s.access", rawurl)
|
||||
accessurl := urlWithoutAuth(rawurl)
|
||||
key := fmt.Sprintf("lfs.%s.access", accessurl)
|
||||
tracerx.Printf("setting repository access to %s", access)
|
||||
|
||||
e.accessMu.Lock()
|
||||
@ -204,13 +207,28 @@ func (e *endpointGitFinder) SetAccess(rawurl string, access Access) {
|
||||
switch access {
|
||||
case emptyAccess, NoneAccess:
|
||||
git.Config.UnsetLocalKey("", key)
|
||||
e.urlAccess[rawurl] = NoneAccess
|
||||
e.urlAccess[accessurl] = NoneAccess
|
||||
default:
|
||||
git.Config.SetLocal("", key, string(access))
|
||||
e.urlAccess[rawurl] = access
|
||||
e.urlAccess[accessurl] = access
|
||||
}
|
||||
}
|
||||
|
||||
func urlWithoutAuth(rawurl string) string {
|
||||
if !strings.Contains(rawurl, "@") {
|
||||
return rawurl
|
||||
}
|
||||
|
||||
u, err := url.Parse(rawurl)
|
||||
if err != nil {
|
||||
fmt.Fprintf(os.Stderr, "Error parsing URL %q: %s", rawurl, err)
|
||||
return rawurl
|
||||
}
|
||||
|
||||
u.User = nil
|
||||
return u.String()
|
||||
}
|
||||
|
||||
func fetchGitAccess(git env, key string) Access {
|
||||
if v, _ := git.Get(key); len(v) > 0 {
|
||||
access := Access(strings.ToLower(v))
|
||||
|
Loading…
Reference in New Issue
Block a user