diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-02 12:07:57 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-02 12:07:57 +0000 |
commit | 988b28ec1a379d38f6ac9ed04886ee564fd447fd (patch) | |
tree | 9d93267209387e62d23ea7abf81ef9c0d64f2f0b /app/controllers/concerns | |
parent | a325f3a104748ecc68df7c3d793940aa709a111f (diff) | |
download | gitlab-ce-988b28ec1a379d38f6ac9ed04886ee564fd447fd.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/controllers/concerns')
-rw-r--r-- | app/controllers/concerns/sessionless_authentication.rb | 12 |
1 files changed, 3 insertions, 9 deletions
diff --git a/app/controllers/concerns/sessionless_authentication.rb b/app/controllers/concerns/sessionless_authentication.rb index d5c26fca957..a9ef33bf3b9 100644 --- a/app/controllers/concerns/sessionless_authentication.rb +++ b/app/controllers/concerns/sessionless_authentication.rb @@ -5,12 +5,6 @@ # Controller concern to handle PAT, RSS, and static objects token authentication methods # module SessionlessAuthentication - extend ActiveSupport::Concern - - included do - before_action :enable_admin_mode!, if: :sessionless_user? - end - # This filter handles personal access tokens, atom requests with rss tokens, and static object tokens def authenticate_sessionless_user!(request_format) user = Gitlab::Auth::RequestAuthenticator.new(request).find_sessionless_user(request_format) @@ -32,9 +26,9 @@ module SessionlessAuthentication end end - def enable_admin_mode! - return unless Feature.enabled?(:user_mode_in_session) + def sessionless_bypass_admin_mode!(&block) + return yield unless Feature.enabled?(:user_mode_in_session) - current_user_mode.enable_sessionless_admin_mode! + Gitlab::Auth::CurrentUserMode.bypass_session!(current_user.id, &block) end end |