diff options
author | Pawel Chojnacki <pawel@chojnacki.ws> | 2017-02-17 12:52:27 +0100 |
---|---|---|
committer | Pawel Chojnacki <pawel@chojnacki.ws> | 2017-03-06 15:41:25 +0100 |
commit | 8993801f0cefdc64b46b8fe30622cc78eaa03173 (patch) | |
tree | f9a9a38c91e99f03ea87978119a03538d1e91175 /lib/api/helpers.rb | |
parent | 66dc71599cb698d380e14be7230ae3495c78d266 (diff) | |
download | gitlab-ce-8993801f0cefdc64b46b8fe30622cc78eaa03173.tar.gz |
Test various login scenarios if the limit gets enforced
Diffstat (limited to 'lib/api/helpers.rb')
-rw-r--r-- | lib/api/helpers.rb | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index a43252a4661..f325f0a3050 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -336,16 +336,17 @@ module API def initial_current_user return @initial_current_user if defined?(@initial_current_user) + Gitlab::Auth::UniqueIpsLimiter.limit_user! do + @initial_current_user ||= find_user_by_private_token(scopes: @scopes) + @initial_current_user ||= doorkeeper_guard(scopes: @scopes) + @initial_current_user ||= find_user_from_warden - @initial_current_user ||= find_user_by_private_token(scopes: @scopes) - @initial_current_user ||= doorkeeper_guard(scopes: @scopes) - @initial_current_user ||= find_user_from_warden + unless @initial_current_user && Gitlab::UserAccess.new(@initial_current_user).allowed? + @initial_current_user = nil + end - unless @initial_current_user && Gitlab::UserAccess.new(@initial_current_user).allowed? - @initial_current_user = nil + @initial_current_user end - - @initial_current_user end def sudo! |