diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-02 12:07:57 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-02 12:07:57 +0000 |
| commit | 988b28ec1a379d38f6ac9ed04886ee564fd447fd (patch) | |
| tree | 9d93267209387e62d23ea7abf81ef9c0d64f2f0b /lib/api | |
| parent | a325f3a104748ecc68df7c3d793940aa709a111f (diff) | |
| download | gitlab-ce-988b28ec1a379d38f6ac9ed04886ee564fd447fd.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/api')
| -rw-r--r-- | lib/api/api_guard.rb | 28 | ||||
| -rw-r--r-- | lib/api/entities/group.rb | 1 | ||||
| -rw-r--r-- | lib/api/helpers/groups_helpers.rb | 1 |
3 files changed, 11 insertions, 19 deletions
diff --git a/lib/api/api_guard.rb b/lib/api/api_guard.rb index 0769e464d26..5cab13f001e 100644 --- a/lib/api/api_guard.rb +++ b/lib/api/api_guard.rb @@ -50,17 +50,13 @@ module API user = find_user_from_sources return unless user + # Sessions are enforced to be unavailable for API calls, so ignore them for admin mode + Gitlab::Auth::CurrentUserMode.bypass_session!(user.id) if Feature.enabled?(:user_mode_in_session) + unless api_access_allowed?(user) forbidden!(api_access_denied_message(user)) end - # Set admin mode for API requests (if admin) - if Feature.enabled?(:user_mode_in_session) - current_user_mode = Gitlab::Auth::CurrentUserMode.new(user) - - current_user_mode.enable_sessionless_admin_mode! - end - user end @@ -154,19 +150,13 @@ module API end class AdminModeMiddleware < ::Grape::Middleware::Base - def initialize(app, **options) - super - end + def after + # Use a Grape middleware since the Grape `after` blocks might run + # before we are finished rendering the `Grape::Entity` classes + Gitlab::Auth::CurrentUserMode.reset_bypass_session! if Feature.enabled?(:user_mode_in_session) - def call(env) - if Feature.enabled?(:user_mode_in_session) - session = {} - Gitlab::Session.with_session(session) do - app.call(env) - end - else - app.call(env) - end + # Explicit nil is needed or the api call return value will be overwritten + nil end end end diff --git a/lib/api/entities/group.rb b/lib/api/entities/group.rb index ae5ee4784ed..10e10e52d9f 100644 --- a/lib/api/entities/group.rb +++ b/lib/api/entities/group.rb @@ -13,6 +13,7 @@ module API expose :emails_disabled expose :mentions_disabled expose :lfs_enabled?, as: :lfs_enabled + expose :default_branch_protection expose :avatar_url do |group, options| group.avatar_url(only_path: false) end diff --git a/lib/api/helpers/groups_helpers.rb b/lib/api/helpers/groups_helpers.rb index e0fea4c7c96..25701ff683d 100644 --- a/lib/api/helpers/groups_helpers.rb +++ b/lib/api/helpers/groups_helpers.rb @@ -21,6 +21,7 @@ module API optional :mentions_disabled, type: Boolean, desc: 'Disable a group from getting mentioned' optional :lfs_enabled, type: Boolean, desc: 'Enable/disable LFS for the projects in this group' optional :request_access_enabled, type: Boolean, desc: 'Allow users to request member access' + optional :default_branch_protection, type: Integer, values: ::Gitlab::Access.protection_values, desc: 'Determine if developers can push to master' end params :optional_params_ee do |