diff options
author | Imre Farkas <ifarkas@gitlab.com> | 2018-10-26 16:47:03 +0200 |
---|---|---|
committer | Imre Farkas <ifarkas@gitlab.com> | 2018-11-05 11:36:45 +0100 |
commit | 8d900ade3832b3e2812f067ace19bad7fd286d54 (patch) | |
tree | e81f35ae24282ec1c2843ed786e4b2803ac958f6 | |
parent | ef220c4d5baaaec54d4e9f46a4a777c29e2c0363 (diff) | |
download | gitlab-ce-use_tokenauthenticatable_method_for_token_lookup.tar.gz |
Remove PersonalAccessTokensFinder#find_by methoduse_tokenauthenticatable_method_for_token_lookup
find_by_token is overriden by TokenAuthenticatable which can be easily
missed or confused with #find_by(:token) defined by ActiveRecord. First
step for safer usage is to remove #find_by.
-rw-r--r-- | app/finders/personal_access_tokens_finder.rb | 2 | ||||
-rw-r--r-- | app/models/user.rb | 6 | ||||
-rw-r--r-- | changelogs/unreleased/53230-remove_personal_access_tokens_finder_find_by_method.yml | 5 | ||||
-rw-r--r-- | lib/api/users.rb | 4 | ||||
-rw-r--r-- | spec/finders/personal_access_tokens_finder_spec.rb | 8 |
5 files changed, 11 insertions, 14 deletions
diff --git a/app/finders/personal_access_tokens_finder.rb b/app/finders/personal_access_tokens_finder.rb index 81fd3b7a547..bd95dcd323f 100644 --- a/app/finders/personal_access_tokens_finder.rb +++ b/app/finders/personal_access_tokens_finder.rb @@ -3,7 +3,7 @@ class PersonalAccessTokensFinder attr_accessor :params - delegate :build, :find, :find_by, :find_by_token, to: :execute + delegate :build, :find, :find_by_id, :find_by_token, to: :execute def initialize(params = {}) @params = params diff --git a/app/models/user.rb b/app/models/user.rb index cc2cd1b7723..728ed7c0ef7 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -460,12 +460,6 @@ class User < ActiveRecord::Base by_username(username).take! end - def find_by_personal_access_token(token_string) - return unless token_string - - PersonalAccessTokensFinder.new(state: 'active').find_by_token(token_string)&.user # rubocop: disable CodeReuse/Finder - end - # Returns a user for the given SSH key. def find_by_ssh_key_id(key_id) Key.find_by(id: key_id)&.user diff --git a/changelogs/unreleased/53230-remove_personal_access_tokens_finder_find_by_method.yml b/changelogs/unreleased/53230-remove_personal_access_tokens_finder_find_by_method.yml new file mode 100644 index 00000000000..d4d78a2fd06 --- /dev/null +++ b/changelogs/unreleased/53230-remove_personal_access_tokens_finder_find_by_method.yml @@ -0,0 +1,5 @@ +--- +title: Remove PersonalAccessTokensFinder#find_by method +merge_request: 22617 +author: +type: fixed diff --git a/lib/api/users.rb b/lib/api/users.rb index 47382b09207..2a56506f3a5 100644 --- a/lib/api/users.rb +++ b/lib/api/users.rb @@ -512,11 +512,9 @@ module API PersonalAccessTokensFinder.new({ user: user, impersonation: true }.merge(options)) end - # rubocop: disable CodeReuse/ActiveRecord def find_impersonation_token - finder.find_by(id: declared_params[:impersonation_token_id]) || not_found!('Impersonation Token') + finder.find_by_id(declared_params[:impersonation_token_id]) || not_found!('Impersonation Token') end - # rubocop: enable CodeReuse/ActiveRecord end before { authenticated_as_admin! } diff --git a/spec/finders/personal_access_tokens_finder_spec.rb b/spec/finders/personal_access_tokens_finder_spec.rb index 3f22b3a253d..3e849c9a644 100644 --- a/spec/finders/personal_access_tokens_finder_spec.rb +++ b/spec/finders/personal_access_tokens_finder_spec.rb @@ -92,7 +92,7 @@ describe PersonalAccessTokensFinder do end describe 'with id' do - subject { finder(params).find_by(id: active_personal_access_token.id) } + subject { finder(params).find_by_id(active_personal_access_token.id) } it { is_expected.to eq(active_personal_access_token) } @@ -106,7 +106,7 @@ describe PersonalAccessTokensFinder do end describe 'with token' do - subject { finder(params).find_by(token: active_personal_access_token.token) } + subject { finder(params).find_by_token(active_personal_access_token.token) } it { is_expected.to eq(active_personal_access_token) } @@ -207,7 +207,7 @@ describe PersonalAccessTokensFinder do end describe 'with id' do - subject { finder(params).find_by(id: active_personal_access_token.id) } + subject { finder(params).find_by_id(active_personal_access_token.id) } it { is_expected.to eq(active_personal_access_token) } @@ -221,7 +221,7 @@ describe PersonalAccessTokensFinder do end describe 'with token' do - subject { finder(params).find_by(token: active_personal_access_token.token) } + subject { finder(params).find_by_token(active_personal_access_token.token) } it { is_expected.to eq(active_personal_access_token) } |