diff options
author | Timothy Andrew <mail@timothyandrew.net> | 2017-06-30 07:32:25 +0000 |
---|---|---|
committer | Timothy Andrew <mail@timothyandrew.net> | 2017-06-30 07:32:25 +0000 |
commit | afbc7520c296196d0f3f95d4a24a9e42c0e41f3c (patch) | |
tree | b24fcb7fff29f362cfe1976bf4e12a5330d83cb9 /app | |
parent | b8ec1f4201c74c500e4f7010b238c7920599da7a (diff) | |
download | gitlab-ce-afbc7520c296196d0f3f95d4a24a9e42c0e41f3c.tar.gz |
`AccessTokenValidationService` accepts `String` or `API::Scope` scopes.
- There's no need to use `API::Scope` for scopes that don't have `if`
conditions, such as in `lib/gitlab/auth.rb`.
Diffstat (limited to 'app')
-rw-r--r-- | app/services/access_token_validation_service.rb | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/app/services/access_token_validation_service.rb b/app/services/access_token_validation_service.rb index bf5aef0055e..9c00ea789ec 100644 --- a/app/services/access_token_validation_service.rb +++ b/app/services/access_token_validation_service.rb @@ -37,7 +37,14 @@ class AccessTokenValidationService # small number of records involved. # https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/12300/#note_33689006 token_scopes = token.scopes.map(&:to_sym) - required_scopes.any? { |scope| scope.sufficient?(token_scopes, request) } + + required_scopes.any? do |scope| + if scope.respond_to?(:sufficient?) + scope.sufficient?(token_scopes, request) + else + API::Scope.new(scope).sufficient?(token_scopes, request) + end + end end end end |