summaryrefslogtreecommitdiff
path: root/app/services/access_token_validation_service.rb
diff options
context:
space:
mode:
authorjhampton <jhampton@gitlab.com>2018-12-07 13:21:43 -0500
committerjhampton <jhampton@gitlab.com>2018-12-07 13:21:43 -0500
commit6de31cddb81613045ae4ac920a054c53f2028949 (patch)
tree5da9d29ba985e9ce2b81f02c33fd43b222e91e10 /app/services/access_token_validation_service.rb
parent02ef0523634123f3abc3dd6235ff229e38f40341 (diff)
parent88c0984d077e2a85d684d71d036d27278cd81182 (diff)
downloadgitlab-ce-6de31cddb81613045ae4ac920a054c53f2028949.tar.gz
Merge remote-tracking branch 'origin/master' into 20422-hide-ui-variables-by-default
Diffstat (limited to 'app/services/access_token_validation_service.rb')
-rw-r--r--app/services/access_token_validation_service.rb6
1 files changed, 6 insertions, 0 deletions
diff --git a/app/services/access_token_validation_service.rb b/app/services/access_token_validation_service.rb
index 2a337918d21..40aa9250885 100644
--- a/app/services/access_token_validation_service.rb
+++ b/app/services/access_token_validation_service.rb
@@ -6,6 +6,7 @@ class AccessTokenValidationService
EXPIRED = :expired
REVOKED = :revoked
INSUFFICIENT_SCOPE = :insufficient_scope
+ IMPERSONATION_DISABLED = :impersonation_disabled
attr_reader :token, :request
@@ -24,6 +25,11 @@ class AccessTokenValidationService
elsif !self.include_any_scope?(scopes)
return INSUFFICIENT_SCOPE
+ elsif token.respond_to?(:impersonation) &&
+ token.impersonation &&
+ !Gitlab.config.gitlab.impersonation_enabled
+ return IMPERSONATION_DISABLED
+
else
return VALID
end
View Lorry Controller Status