diff options
author | Thiago Presa <tpresa@gitlab.com> | 2018-10-26 16:51:18 -0300 |
---|---|---|
committer | Thiago Presa <tpresa@gitlab.com> | 2018-10-26 16:51:18 -0300 |
commit | 98521d94f81b48257952a9219033c50e7144c3b9 (patch) | |
tree | 94f4b248a6861cd89ba7b5627aa9b5069835fb9b | |
parent | 37fcac9e4fca48cb13c82b05b4ec13d1ce2b15cd (diff) | |
parent | ba9a9b98ea17a174059bf8fbf37a46b4ea292083 (diff) | |
download | gitlab-ce-98521d94f81b48257952a9219033c50e7144c3b9.tar.gz |
Merge remote-tracking branch 'dev-ce/11-4-stable' into 11-4-stable-ee
-rw-r--r-- | app/finders/personal_access_tokens_finder.rb | 2 | ||||
-rw-r--r-- | app/models/user.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/auth.rb | 4 |
3 files changed, 3 insertions, 5 deletions
diff --git a/app/finders/personal_access_tokens_finder.rb b/app/finders/personal_access_tokens_finder.rb index 5beea92689f..81fd3b7a547 100644 --- a/app/finders/personal_access_tokens_finder.rb +++ b/app/finders/personal_access_tokens_finder.rb @@ -3,7 +3,7 @@ class PersonalAccessTokensFinder attr_accessor :params - delegate :build, :find, :find_by, to: :execute + delegate :build, :find, :find_by, :find_by_token, to: :execute def initialize(params = {}) @params = params diff --git a/app/models/user.rb b/app/models/user.rb index 66125a3c037..29aeea31f28 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -472,7 +472,7 @@ class User < ActiveRecord::Base def find_by_personal_access_token(token_string) return unless token_string - PersonalAccessTokensFinder.new(state: 'active').find_by(token: token_string)&.user # rubocop: disable CodeReuse/Finder + PersonalAccessTokensFinder.new(state: 'active').find_by_token(token_string)&.user # rubocop: disable CodeReuse/Finder end # Returns a user for the given SSH key. diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index ed1e51fd842..6205a08fc5b 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -151,17 +151,15 @@ module Gitlab end # rubocop: enable CodeReuse/ActiveRecord - # rubocop: disable CodeReuse/ActiveRecord def personal_access_token_check(password) return unless password.present? - token = PersonalAccessTokensFinder.new(state: 'active').find_by(token: password) + token = PersonalAccessTokensFinder.new(state: 'active').find_by_token(password) if token && valid_scoped_token?(token, available_scopes) Gitlab::Auth::Result.new(token.user, nil, :personal_access_token, abilities_for_scopes(token.scopes)) end end - # rubocop: enable CodeReuse/ActiveRecord def valid_oauth_token?(token) token && token.accessible? && valid_scoped_token?(token, [:api]) |