authorMayra Cabrera <mcabrera@gitlab.com>2018-03-31 16:45:02 -0600
committerMayra Cabrera <mcabrera@gitlab.com>2018-04-06 21:20:16 -0500
commitaaa6d80870d5215390a7cd919d91309e5a8795b7 (patch)
treeddc2f5c4f52e0b280c85096784b70d8131f8da10 /app/controllers/jwt_controller.rb
parent345ac03b7afb1dc9b941c53bc45cc3dfcf22e61c (diff)
Implement read_registry for DeployTokens
Diffstat (limited to 'app/controllers/jwt_controller.rb')
-rw-r--r--app/controllers/jwt_controller.rb13
1 files changed, 11 insertions, 2 deletions
diff --git a/app/controllers/jwt_controller.rb b/app/controllers/jwt_controller.rb
index 7d6fe6a0232..76e7473e92c 100644
--- a/app/controllers/jwt_controller.rb
+++ b/app/controllers/jwt_controller.rb
@@ -23,10 +23,11 @@ class JwtController < ApplicationController
@authentication_result = Gitlab::Auth::Result.new(nil, nil, :none, Gitlab::Auth.read_authentication_abilities)
authenticate_with_http_basic do |login, password|
- @authentication_result = Gitlab::Auth.find_for_git_client(login, password, project: nil, ip: request.ip)
+ project = find_project_related(password)
+ @authentication_result = Gitlab::Auth.find_for_git_client(login, password, project: project, ip: request.ip)
if @authentication_result.failed? ||
- (@authentication_result.actor.present? && !@authentication_result.actor.is_a?(User))
+ (@authentication_result.actor.present? && !user_or_deploy_token)
render_unauthorized
end
end
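Review bot: `find_project_related(password)` runs for every Basic-auth request, so ordinary user passwords are also fed to the `DeployToken` lookup before `Gitlab::Auth.find_for_git_client` has seen the attempt. That places the submitted secret in a query predicate (and possibly in query logs, depending on log level). The lookup also sits outside whatever failed-attempt accounting `find_for_git_client` does with `ip:`, though that accounting is not visible here, so this part is an inference. Resolving the token inside the auth call would keep credential handling on one path; at minimum the new line deserves a comment such as `# password may be a deploy token; its project scopes the auth check`. The enclosing method starts above the hunk.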
@@ -57,4 +58,12 @@ class JwtController < ApplicationController
def auth_params
params.permit(:service, :scope, :account, :client_id)
end
+
+ def find_project_related(password)
+ DeployToken.active.find_by(token: password)&.project
+ end
+
+ def user_or_deploy_token
+ @authentication_result.actor.is_a?(User) || @authentication_result.actor.is_a?(DeployToken)
+ end
end
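Review bot: `find_project_related` picks the project from the submitted secret alone, so the `project:` value handed to the auth call is whatever project the token itself belongs to and cannot act as an independent constraint. The requested `:scope` from `auth_params` still has to be checked against that project further down, which is not visible in this hunk. A comment on the method would make this explicit, e.g. `# Returns the project of an active deploy token matching +password+, or nil; does not authorise the requested scope`. As a style point, `user_or_deploy_token` is a predicate and would read better as `user_or_deploy_token?`, with the actor held in a local rather than read twice from `@authentication_result`.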