Namespace access token session key in `Import::GithubController`

Signed-off-by: Rémy Coutable <remy@rymai.me>

6 files changed, 38 insertions, 30 deletions

diff --git a/app/controllers/import/gitea_controller.rb b/app/controllers/import/gitea_controller.rb
index 3bc21e62a1e..fbd851c64a7 100644
--- a/app/controllers/import/gitea_controller.rb
+++ b/app/controllers/import/gitea_controller.rb
@@ -1,22 +1,26 @@
 class Import::GiteaController < Import::GithubController
   def new
-    if session[:access_token].present? && session[:host_url].present?
+    if session[access_token_key].present? && session[host_key].present?
       redirect_to status_import_url
     end
   end
 
   def personal_access_token
-    session[:host_url] = params[:gitea_host_url]
+    session[host_key] = params[host_key]
     super
   end
 
   def status
-    @gitea_host_url = session[:host_url]
+    @gitea_host_url = session[host_key]
     super
   end
 
   private
 
+  def host_key
+    :"#{provider}_host_url"
+  end
+
   # Overriden methods
   def provider
     :gitea
@@ -29,13 +33,13 @@ class Import::GiteaController < Import::GithubController
   end
 
   def provider_auth
-    if session[:access_token].blank? || session[:host_url].blank?
+    if session[access_token_key].blank? || session[host_key].blank?
       redirect_to new_import_gitea_url,
         alert: 'You need to specify both an Access Token and a Host URL.'
     end
   end
 
   def client_options
-    { host: session[:host_url], api_version: 'v1' }
+    { host: session[host_key], api_version: 'v1' }
   end
 end
diff --git a/app/controllers/import/github_controller.rb b/app/controllers/import/github_controller.rb
index 4ae121ec482..53a5981e564 100644
--- a/app/controllers/import/github_controller.rb
+++ b/app/controllers/import/github_controller.rb
@@ -7,18 +7,18 @@ class Import::GithubController < Import::BaseController
   def new
     if logged_in_with_provider?
       go_to_provider_for_permissions
-    elsif session[:access_token]
+    elsif session[access_token_key]
       redirect_to status_import_url
     end
   end
 
   def callback
-    session[:access_token] = client.get_token(params[:code])
+    session[access_token_key] = client.get_token(params[:code])
     redirect_to status_import_url
   end
 
   def personal_access_token
-    session[:access_token] = params[:personal_access_token]
+    session[access_token_key] = params[:personal_access_token]
     redirect_to status_import_url
   end
 
@@ -52,7 +52,7 @@ class Import::GithubController < Import::BaseController
   private
 
   def client
-    @client ||= Gitlab::GithubImport::Client.new(session[:access_token], client_options)
+    @client ||= Gitlab::GithubImport::Client.new(session[access_token_key], client_options)
   end
 
   def verify_import_enabled
@@ -80,13 +80,17 @@ class Import::GithubController < Import::BaseController
   end
 
   def provider_unauthorized
-    session[:access_token] = nil
+    session[access_token_key] = nil
     redirect_to new_import_url,
       alert: "Access denied to your #{Gitlab::ImportSources.title(provider.to_s)} account."
   end
 
+  def access_token_key
+    :"#{provider}_access_token"
+  end
+
   def access_params
-    { github_access_token: session[:access_token] }
+    { github_access_token: session[access_token_key] }
   end
 
   # The following methods are overriden in subclasses
@@ -99,7 +103,7 @@ class Import::GithubController < Import::BaseController
   end
 
   def provider_auth
-    if session[:access_token].blank?
+    if session[access_token_key].blank?
       go_to_provider_for_permissions
     end
   end
diff --git a/spec/controllers/import/gitea_controller_spec.rb b/spec/controllers/import/gitea_controller_spec.rb
index 3643386ffbc..5ba64ab3eed 100644
--- a/spec/controllers/import/gitea_controller_spec.rb
+++ b/spec/controllers/import/gitea_controller_spec.rb
@@ -9,7 +9,7 @@ describe Import::GiteaController do
   include_context 'a GitHub-ish import controller'
 
   def assign_host_url
-    session[:host_url] = host_url
+    session[:gitea_host_url] = host_url
   end
 
   describe "GET new" do
diff --git a/spec/controllers/import/github_controller_spec.rb b/spec/controllers/import/github_controller_spec.rb
index 55820a7cc65..95696e14b6c 100644
--- a/spec/controllers/import/github_controller_spec.rb
+++ b/spec/controllers/import/github_controller_spec.rb
@@ -29,7 +29,7 @@ describe Import::GithubController do
 
       get :callback
 
-      expect(session[:access_token]).to eq(token)
+      expect(session[:github_access_token]).to eq(token)
       expect(controller).to redirect_to(status_import_github_url)
     end
   end
diff --git a/spec/support/controllers/githubish_import_controller_shared_examples.rb b/spec/support/controllers/githubish_import_controller_shared_examples.rb
index e11ab802095..d0fd2d52004 100644
--- a/spec/support/controllers/githubish_import_controller_shared_examples.rb
+++ b/spec/support/controllers/githubish_import_controller_shared_examples.rb
@@ -4,6 +4,10 @@
 #   Note: You have access to `email_value` which is the email address value
 #         being currently tested).
 
+def assign_session_token(provider)
+  session[:"#{provider}_access_token"] = 'asdasd12345'
+end
+
 shared_examples 'a GitHub-ish import controller: POST personal_access_token' do
   let(:status_import_url) { public_send("status_import_#{provider}_url") }
 
@@ -15,7 +19,7 @@ shared_examples 'a GitHub-ish import controller: POST personal_access_token' do
 
     post :personal_access_token, personal_access_token: token
 
-    expect(session[:access_token]).to eq(token)
+    expect(session[:"#{provider}_access_token"]).to eq(token)
     expect(controller).to redirect_to(status_import_url)
   end
 end
@@ -24,7 +28,7 @@ shared_examples 'a GitHub-ish import controller: GET new' do
   let(:status_import_url) { public_send("status_import_#{provider}_url") }
 
   it "redirects to status if we already have a token" do
-    assign_session_token
+    assign_session_token(provider)
     allow(controller).to receive(:logged_in_with_provider?).and_return(false)
 
     get :new
@@ -48,7 +52,7 @@ shared_examples 'a GitHub-ish import controller: GET status' do
   let(:extra_assign_expectations) { {} }
 
   before do
-    assign_session_token
+    assign_session_token(provider)
   end
 
   it "assigns variables" do
@@ -80,7 +84,7 @@ shared_examples 'a GitHub-ish import controller: GET status' do
 
     get :status
 
-    expect(session[:access_token]).to eq(nil)
+    expect(session[:"#{provider}_access_token"]).to be_nil
     expect(controller).to redirect_to(new_import_url)
     expect(flash[:alert]).to eq("Access denied to your #{Gitlab::ImportSources.title(provider.to_s)} account.")
   end
@@ -100,11 +104,11 @@ shared_examples 'a GitHub-ish import controller: POST create' do
 
   before do
     stub_client(user: provider_user, repo: provider_repo)
-    assign_session_token
+    assign_session_token(provider)
   end
 
-  context "when the repository owner is the Gitea user" do
-    context "when the Gitea user and GitLab user's usernames match" do
+  context "when the repository owner is the provider user" do
+    context "when the provider user and GitLab user's usernames match" do
       it "takes the current user's namespace" do
         expect(Gitlab::GithubImport::ProjectCreator).
           to receive(:new).with(provider_repo, provider_repo.name, user.namespace, user, access_params, type: provider).
@@ -114,7 +118,7 @@ shared_examples 'a GitHub-ish import controller: POST create' do
       end
     end
 
-    context "when the Gitea user and GitLab user's usernames don't match" do
+    context "when the provider user and GitLab user's usernames don't match" do
       let(:provider_username) { "someone_else" }
 
       it "takes the current user's namespace" do
@@ -127,15 +131,15 @@ shared_examples 'a GitHub-ish import controller: POST create' do
     end
   end
 
-  context "when the repository owner is not the Gitea user" do
+  context "when the repository owner is not the provider user" do
     let(:other_username) { "someone_else" }
 
     before do
       provider_repo.owner = OpenStruct.new(login: other_username)
-      assign_session_token
+      assign_session_token(provider)
     end
 
-    context "when a namespace with the Gitea user's username already exists" do
+    context "when a namespace with the provider user's username already exists" do
       let!(:existing_namespace) { create(:namespace, name: other_username, owner: user) }
 
       context "when the namespace is owned by the GitLab user" do
@@ -164,7 +168,7 @@ shared_examples 'a GitHub-ish import controller: POST create' do
       end
     end
 
-    context "when a namespace with the Gitea user's username doesn't exist" do
+    context "when a namespace with the provider user's username doesn't exist" do
       context "when current user can create namespaces" do
         it "creates the namespace" do
           expect(Gitlab::GithubImport::ProjectCreator).
diff --git a/spec/support/import_spec_helper.rb b/spec/support/import_spec_helper.rb
index cd25e05ac4b..6710962f082 100644
--- a/spec/support/import_spec_helper.rb
+++ b/spec/support/import_spec_helper.rb
@@ -30,8 +30,4 @@ module ImportSpecHelper
     )
     allow(Gitlab.config.omniauth).to receive(:providers).and_return([provider])
   end
-
-  def assign_session_token
-    session[:access_token] = 'asdasd12345'
-  end
 end