archive
/
ansible
mirror of https://github.com/ansible/ansible.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Check login_token for user before any operations (#23600)

Browse Source 
Fix adds extra check if user is authorized or not while
using login_token.

Fixes https://github.com/ansible/ansible/issues/23033

Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
pull/24410/head
Abhijeet Kasurde 8 years ago committed by John R Barker
parent e99815e9f5
commit a255cfd22a
3 changed files with 26 additions and 1 deletions
Show Stats Download Patch File Download Diff File

11
lib/ansible/modules/source_control/gitlab_group.py
Unescape Escape View File

@ -165,7 +165,8 @@ def main():
) )
if not HAS_GITLAB_PACKAGE: if not HAS_GITLAB_PACKAGE:
module.fail_json(msg="Missing requried gitlab module (check docs or install with: pip install pyapi-gitlab") module.fail_json(msg="Missing required gitlab module (check docs or "
"install with: pip install pyapi-gitlab")
server_url = module.params['server_url'] server_url = module.params['server_url']
verify_ssl = module.params['validate_certs'] verify_ssl = module.params['validate_certs']
@ -200,6 +201,14 @@ def main():
e = get_exception() e = get_exception()
module.fail_json(msg="Failed to connect to Gitlab server: %s " % e) module.fail_json(msg="Failed to connect to Gitlab server: %s " % e)
# Check if user is authorized or not before proceeding to any operations
# if not, exit from here
auth_msg = git.currentuser().get('message', None)
if auth_msg is not None and auth_msg == '401 Unauthorized':
module.fail_json(msg='User unauthorized',
details="User is not allowed to access Gitlab server "
"using login_token. Please check login_token")
# Validate if group exists and take action based on "state" # Validate if group exists and take action based on "state"
group = GitLabGroup(module, git) group = GitLabGroup(module, git)
group_name = group_name.lower() group_name = group_name.lower()

8
lib/ansible/modules/source_control/gitlab_project.py
Unescape Escape View File

@ -375,6 +375,14 @@ def main():
e = get_exception() e = get_exception()
module.fail_json(msg="Failed to connect to Gitlab server: %s " % e) module.fail_json(msg="Failed to connect to Gitlab server: %s " % e)
# Check if user is authorized or not before proceeding to any operations
# if not, exit from here
auth_msg = git.currentuser().get('message', None)
if auth_msg is not None and auth_msg == '401 Unauthorized':
module.fail_json(msg='User unauthorized',
details="User is not allowed to access Gitlab server "
"using login_token. Please check login_token")
# Validate if project exists and take action based on "state" # Validate if project exists and take action based on "state"
project = GitLabProject(module, git) project = GitLabProject(module, git)
project_exists = project.existsProject(group_name, project_name) project_exists = project.existsProject(group_name, project_name)

8
lib/ansible/modules/source_control/gitlab_user.py
Unescape Escape View File

@ -340,6 +340,14 @@ def main():
e = get_exception() e = get_exception()
module.fail_json(msg="Failed to connect to Gitlab server: %s " % e) module.fail_json(msg="Failed to connect to Gitlab server: %s " % e)
# Check if user is authorized or not before proceeding to any operations
# if not, exit from here
auth_msg = git.currentuser().get('message', None)
if auth_msg is not None and auth_msg == '401 Unauthorized':
module.fail_json(msg='User unauthorized',
details="User is not allowed to access Gitlab server "
"using login_token. Please check login_token")
# Validate if group exists and take action based on "state" # Validate if group exists and take action based on "state"
user = GitLabUser(module, git) user = GitLabUser(module, git)

Write Preview
Loading…
Cancel
Save