diff options
| author | Kamil Trzcinski <ayufan@ayufan.eu> | 2016-08-08 12:01:25 +0200 |
|---|---|---|
| committer | Kamil Trzcinski <ayufan@ayufan.eu> | 2016-09-13 13:30:26 +0200 |
| commit | 505dc808b3c0dc98413506446d368b91b56ff682 (patch) | |
| tree | 1f6d5c7fe805bf5ff11a4f5696d73e11d71ca3a6 /app/models | |
| parent | 45afdbef0de58f6de207b057e47151611d2ad7e6 (diff) | |
| download | gitlab-ce-505dc808b3c0dc98413506446d368b91b56ff682.tar.gz | |
Use a permissions of user to access all dependent projects from CI jobs (this also includes a container images, and in future LFS files)
Diffstat (limited to 'app/models')
| -rw-r--r-- | app/models/ci/build.rb | 13 | ||||
| -rw-r--r-- | app/models/project.rb | 6 |
2 files changed, 7 insertions, 12 deletions
diff --git a/app/models/ci/build.rb b/app/models/ci/build.rb index 61052437318..1c2e0f1edea 100644 --- a/app/models/ci/build.rb +++ b/app/models/ci/build.rb @@ -1,5 +1,7 @@ module Ci class Build < CommitStatus + include TokenAuthenticatable + belongs_to :runner, class_name: 'Ci::Runner' belongs_to :trigger_request, class_name: 'Ci::TriggerRequest' belongs_to :erased_by, class_name: 'User' @@ -23,7 +25,10 @@ module Ci acts_as_taggable + add_authentication_token_field :token + before_save :update_artifacts_size, if: :artifacts_file_changed? + before_save :ensure_token before_destroy { project } after_create :execute_hooks @@ -172,7 +177,7 @@ module Ci end def repo_url - auth = "gitlab-ci-token:#{token}@" + auth = "gitlab-ci-token:#{ensure_token}@" project.http_url_to_repo.sub(/^https?:\/\//) do |prefix| prefix + auth end @@ -340,12 +345,8 @@ module Ci ) end - def token - project.runners_token - end - def valid_token?(token) - project.valid_runners_token?(token) + self.token && ActiveSupport::SecurityUtils.variable_size_secure_compare(token, self.token) end def has_tags? diff --git a/app/models/project.rb b/app/models/project.rb index a6de2c48071..d7cdf8775b3 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -1138,12 +1138,6 @@ class Project < ActiveRecord::Base self.runners_token && ActiveSupport::SecurityUtils.variable_size_secure_compare(token, self.runners_token) end - # TODO (ayufan): For now we use runners_token (backward compatibility) - # In 8.4 every build will have its own individual token valid for time of build - def valid_build_token?(token) - self.builds_enabled? && self.runners_token && ActiveSupport::SecurityUtils.variable_size_secure_compare(token, self.runners_token) - end - def build_coverage_enabled? build_coverage_regex.present? end |