GitLab

Created by: jasl8r

In the grack_auth.rb code the 'git-upload-pack' operation is protected by the :push_code permission. This prevents cloning (and probably pulling?). From what I can tell from http://git-scm.com/book/en/Git-Internals-Transfer-Protocols, git-upload-pack is only used for downloading. The permission should be changed to :download_code. By extension, should the validate_get_request also be protected by :download_code?