author | Francisco Lopez <fjlopez@gitlab.com> | 2017-11-07 19:17:41 +0100 |
---|---|---|
committer | Francisco Lopez <fjlopez@gitlab.com> | 2017-11-17 10:01:20 +0100 |
commit | 41ebd06ddc837c80ba6ca95c6d5fea2b76cef8d2 (patch) | |
tree | 1f0e79ecafc2b9035e92cf4e7b51484f490e8b2c /lib/api/api_guard.rb | |
parent | 470b5dc32633cd4ec873e655ac6a70011c835e17 (diff) | |
Some fixes after rebase
Diffstat (limited to 'lib/api/api_guard.rb')
-rw-r--r-- | lib/api/api_guard.rb | 31 |
1 files changed, 7 insertions, 24 deletions
diff --git a/lib/api/api_guard.rb b/lib/api/api_guard.rb
index 66ad2b77f75..9ada2d5ebb1 100644
--- a/lib/api/api_guard.rb
+++ b/lib/api/api_guard.rb
@@ -72,33 +72,16 @@ module API
 end
 end
- def raise_unauthorized_error!
- raise UnauthorizedError
- end
+ private
- # If token is presented and valid, then it sets @current_user.
- #
- # If the token does not have sufficient scopes to cover the requred scopes,
- # then it raises InsufficientScopeError.
- #
- # If the token is expired, then it raises ExpiredError.
- #
- # If the token is revoked, then it raises RevokedError.
- #
- # If the token is not found (nil), then it returns nil
- #
- # Arguments:
- #
- # scopes: (optional) scopes required for this guard.
- # Defaults to empty array.
- def find_user_by_access_token(access_token)
- scopes = scopes_registered_for_endpoint
+ def handle_return_value!(value, &block)
+ raise UnauthorizedError unless value
- # Expiration, revocation and scopes are verified in `find_user_by_access_token`
- access_token = PersonalAccessToken.find_by(token: token)
- raise UnauthorizedError unless access_token
+ block_given? ? yield(value) : value
+ end
- access_token
+ def private_token
+ params[PRIVATE_TOKEN_PARAM].presence || env[PRIVATE_TOKEN_HEADER].presence
 end
 # An array of scopes that were registered (using `allow_access_with_scope`) |
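Review bot: `handle_return_value!` lands with no comment while this hunk deletes the only description of the guard's failure contract (the removed block listing InsufficientScopeError, ExpiredError and RevokedError), so a reader can no longer tell from here which failures end as a plain `UnauthorizedError`. I would add a short comment above it, e.g. `# Raises UnauthorizedError when value is nil/false; otherwise yields value to the block, or returns it when no block is given.`, and state at the call sites (outside this hunk) whether a request that carries no token at all is meant to reach this raise. The `&block` parameter is never referenced because the body uses `block_given?` and `yield`, so the signature can be `def handle_return_value!(value)`. Separately, `private_token` accepts the token from `params[PRIVATE_TOKEN_PARAM]` as well as from the header; a token carried in a request parameter can end up in access logs and Referer headers, so it is worth confirming that this parameter is covered by the application's log parameter filtering, which is not visible in this diff.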