`AccessTokenValidationService` accepts `String` or `API::Scope` scopes.

- There's no need to use `API::Scope` for scopes that don't have `if` conditions, such as in `lib/gitlab/auth.rb`.
author: Timothy Andrew <mail@timothyandrew.net> 2017-06-30 07:32:25 +0000
committer: Timothy Andrew <mail@timothyandrew.net> 2017-06-30 07:32:25 +0000
commit: afbc7520c296196d0f3f95d4a24a9e42c0e41f3c (patch)
tree: b24fcb7fff29f362cfe1976bf4e12a5330d83cb9 /app/services/access_token_validation_service.rb
parent: b8ec1f4201c74c500e4f7010b238c7920599da7a (diff)
download: gitlab-ce-afbc7520c296196d0f3f95d4a24a9e42c0e41f3c.tar.gz
1 files changed, 8 insertions, 1 deletions
diff --git a/app/services/access_token_validation_service.rb b/app/services/access_token_validation_service.rb
index bf5aef0055e..9c00ea789ec 100644
--- a/app/services/access_token_validation_service.rb
+++ b/app/services/access_token_validation_service.rb
@@ -37,7 +37,14 @@ class AccessTokenValidationService
       # small number of records involved.
       # https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12300/#note_33689006
       token_scopes = token.scopes.map(&:to_sym)
-      required_scopes.any? { |scope| scope.sufficient?(token_scopes, request) }
+
+      required_scopes.any? do |scope|
+        if scope.respond_to?(:sufficient?)
+          scope.sufficient?(token_scopes, request)
+        else
+          API::Scope.new(scope).sufficient?(token_scopes, request)
+        end
+      end
     end
   end
 end
author	Timothy Andrew <mail@timothyandrew.net>	2017-06-30 07:32:25 +0000
committer	Timothy Andrew <mail@timothyandrew.net>	2017-06-30 07:32:25 +0000
commit	afbc7520c296196d0f3f95d4a24a9e42c0e41f3c (patch)
tree	b24fcb7fff29f362cfe1976bf4e12a5330d83cb9 /app/services/access_token_validation_service.rb
parent	b8ec1f4201c74c500e4f7010b238c7920599da7a (diff)
download	gitlab-ce-afbc7520c296196d0f3f95d4a24a9e42c0e41f3c.tar.gz