diff options
| author | Douwe Maan <douwe@selenight.nl> | 2017-10-12 14:38:39 +0200 |
|---|---|---|
| committer | Douwe Maan <douwe@selenight.nl> | 2017-11-02 11:39:03 +0100 |
| commit | 3f24f9ed182f5226210349b8e67e484e132ce971 (patch) | |
| tree | 6f6a9148f3d89ea2d19cefe90470a8dca4dabc64 /app | |
| parent | a1781a49416790f727b3dd3453bf704723e72b90 (diff) | |
| download | gitlab-ce-3f24f9ed182f5226210349b8e67e484e132ce971.tar.gz | |
Add sudo API scope
Diffstat (limited to 'app')
| -rw-r--r-- | app/controllers/admin/impersonation_tokens_controller.rb | 2 | ||||
| -rw-r--r-- | app/controllers/profiles/personal_access_tokens_controller.rb | 2 | ||||
| -rw-r--r-- | app/services/access_token_validation_service.rb | 7 |
3 files changed, 4 insertions, 7 deletions
diff --git a/app/controllers/admin/impersonation_tokens_controller.rb b/app/controllers/admin/impersonation_tokens_controller.rb index 07c8bf714fc..7a2c7234a1e 100644 --- a/app/controllers/admin/impersonation_tokens_controller.rb +++ b/app/controllers/admin/impersonation_tokens_controller.rb @@ -44,7 +44,7 @@ class Admin::ImpersonationTokensController < Admin::ApplicationController end def set_index_vars - @scopes = Gitlab::Auth::API_SCOPES + @scopes = Gitlab::Auth.available_scopes(current_user) @impersonation_token ||= finder.build @inactive_impersonation_tokens = finder(state: 'inactive').execute diff --git a/app/controllers/profiles/personal_access_tokens_controller.rb b/app/controllers/profiles/personal_access_tokens_controller.rb index 4146deefa89..6d9873e38df 100644 --- a/app/controllers/profiles/personal_access_tokens_controller.rb +++ b/app/controllers/profiles/personal_access_tokens_controller.rb @@ -39,7 +39,7 @@ class Profiles::PersonalAccessTokensController < Profiles::ApplicationController end def set_index_vars - @scopes = Gitlab::Auth.available_scopes + @scopes = Gitlab::Auth.available_scopes(current_user) @inactive_personal_access_tokens = finder(state: 'inactive').execute @active_personal_access_tokens = finder(state: 'active').execute.order(:expires_at) diff --git a/app/services/access_token_validation_service.rb b/app/services/access_token_validation_service.rb index 9c00ea789ec..46e19230328 100644 --- a/app/services/access_token_validation_service.rb +++ b/app/services/access_token_validation_service.rb @@ -39,11 +39,8 @@ class AccessTokenValidationService token_scopes = token.scopes.map(&:to_sym) required_scopes.any? do |scope| - if scope.respond_to?(:sufficient?) - scope.sufficient?(token_scopes, request) - else - API::Scope.new(scope).sufficient?(token_scopes, request) - end + scope = API::Scope.new(scope) unless scope.is_a?(API::Scope) + scope.sufficient?(token_scopes, request) end end end |