From 55d252b9c3d26bb9557dcb64097bb6f77b35d932 Mon Sep 17 00:00:00 2001 From: Stephan Vock Date: Wed, 11 Mar 2020 13:30:48 +0100 Subject: [PATCH] GitLab: properly handle token which has Guest only access --- src/Composer/Repository/Vcs/GitLabDriver.php | 24 ++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/src/Composer/Repository/Vcs/GitLabDriver.php b/src/Composer/Repository/Vcs/GitLabDriver.php index 306bf7124..1de093a2c 100644 --- a/src/Composer/Repository/Vcs/GitLabDriver.php +++ b/src/Composer/Repository/Vcs/GitLabDriver.php @@ -427,6 +427,30 @@ class GitLabDriver extends VcsDriver if ($fetchingRepoData) { $json = JsonFile::parseJson($res, $url); + // Accessing the API with a token with Guest (10) access will return + // more data than unauthenticated access but no default_branch data + // accessing files via the API will then also fail + if (!isset($json['default_branch']) && isset($json['permissions'])) { + $this->isPrivate = $json['visibility'] !== 'public'; + + $moreThanGuestAccess = false; + // Check both access levels (e.g. project, group) + // - value will be null if no access is set + // - value will be array with key access_level if set + foreach ($json['permissions'] as $permission) { + if ($permission && $permission['access_level'] > 10) { + $moreThanGuestAccess = true; + } + } + + if (!$moreThanGuestAccess) { + $this->io->writeError('GitLab token with Guest only access detected'); + $this->setupGitDriver($this->generateSshUrl()); + + return $res; + } + } + // force auth as the unauthenticated version of the API is broken if (!isset($json['default_branch'])) { if (!empty($json['id'])) {