diff options
| author | Lin Jen-Shin <godfat@godfat.org> | 2016-05-20 17:38:08 -0500 |
|---|---|---|
| committer | Lin Jen-Shin <godfat@godfat.org> | 2016-05-20 17:38:08 -0500 |
| commit | c2bc15a7669b8f21b12314f8607a02cf7d8b4828 (patch) | |
| tree | 2d37f88348fe9cfbd94ff4f3ca5df631d0410c2d | |
| parent | a7f6b75e7fba69964e84a0ae96c77650c66bb031 (diff) | |
| download | gitlab-ce-c2bc15a7669b8f21b12314f8607a02cf7d8b4828.tar.gz | |
Use the authentication_token for finding the user
| -rw-r--r-- | lib/gitlab/email/handler/create_issue.rb | 11 | ||||
| -rw-r--r-- | spec/lib/gitlab/email/receiver_spec.rb | 6 |
2 files changed, 4 insertions, 13 deletions
diff --git a/lib/gitlab/email/handler/create_issue.rb b/lib/gitlab/email/handler/create_issue.rb index 8829fbb0e49..72d49ec6c96 100644 --- a/lib/gitlab/email/handler/create_issue.rb +++ b/lib/gitlab/email/handler/create_issue.rb @@ -11,7 +11,6 @@ module Gitlab def execute validate_permission!(:create_issue) - validate_authentication_token! verify_record( create_issue, @@ -21,10 +20,7 @@ module Gitlab end def author - @author ||= mail.from.find do |email| - user = User.find_by_any_email(email) - break user if user - end + @author ||= User.find_by(authentication_token: authentication_token) end def project @@ -48,11 +44,6 @@ module Gitlab description: message ).execute end - - def validate_authentication_token! - raise UserNotAuthorizedError unless author.authentication_token == - authentication_token - end end end end diff --git a/spec/lib/gitlab/email/receiver_spec.rb b/spec/lib/gitlab/email/receiver_spec.rb index e892da7bb46..a9e2be0ad47 100644 --- a/spec/lib/gitlab/email/receiver_spec.rb +++ b/spec/lib/gitlab/email/receiver_spec.rb @@ -224,11 +224,11 @@ describe Gitlab::Email::Receiver, lib: true do end end - context "when the authentication_token token didn't match" do + context "when we can't find the authentication_token" do let!(:email_raw) { fixture_file("emails/wrong_authentication_token.eml") } - it "raises an UserNotAuthorizedError" do - expect { receiver.execute }.to raise_error(Gitlab::Email::UserNotAuthorizedError) + it "raises an UserNotFoundError" do + expect { receiver.execute }.to raise_error(Gitlab::Email::UserNotFoundError) end end |