diff options
author | Imre Farkas <ifarkas@gitlab.com> | 2018-05-31 14:01:04 +0000 |
---|---|---|
committer | Douwe Maan <douwe@gitlab.com> | 2018-05-31 14:01:04 +0000 |
commit | 20dfe25c151cc883ce0d38b67125b5ca41e6d422 (patch) | |
tree | 9a29f05a241713f3488e6bc2e5df03c07300ef45 /lib/gitlab/auth | |
parent | 2fdd8982f8204340e6413a57f46e6c41d8ecb429 (diff) | |
download | gitlab-ce-20dfe25c151cc883ce0d38b67125b5ca41e6d422.tar.gz |
Export assigned issues in iCalendar feed
Diffstat (limited to 'lib/gitlab/auth')
-rw-r--r-- | lib/gitlab/auth/request_authenticator.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/auth/user_auth_finders.rb | 18 |
2 files changed, 15 insertions, 5 deletions
diff --git a/lib/gitlab/auth/request_authenticator.rb b/lib/gitlab/auth/request_authenticator.rb index a0b5cd868c3..66de52506ce 100644 --- a/lib/gitlab/auth/request_authenticator.rb +++ b/lib/gitlab/auth/request_authenticator.rb @@ -16,7 +16,7 @@ module Gitlab end def find_sessionless_user - find_user_from_access_token || find_user_from_rss_token + find_user_from_access_token || find_user_from_feed_token rescue Gitlab::Auth::AuthenticationError nil end diff --git a/lib/gitlab/auth/user_auth_finders.rb b/lib/gitlab/auth/user_auth_finders.rb index 4dc23f977da..c7993665421 100644 --- a/lib/gitlab/auth/user_auth_finders.rb +++ b/lib/gitlab/auth/user_auth_finders.rb @@ -25,13 +25,15 @@ module Gitlab current_request.env['warden']&.authenticate if verified_request? end - def find_user_from_rss_token - return unless current_request.path.ends_with?('.atom') || current_request.format.atom? + def find_user_from_feed_token + return unless rss_request? || ics_request? - token = current_request.params[:rss_token].presence + # NOTE: feed_token was renamed from rss_token but both needs to be supported because + # users might have already added the feed to their RSS reader before the rename + token = current_request.params[:feed_token].presence || current_request.params[:rss_token].presence return unless token - User.find_by_rss_token(token) || raise(UnauthorizedError) + User.find_by_feed_token(token) || raise(UnauthorizedError) end def find_user_from_access_token @@ -104,6 +106,14 @@ module Gitlab def current_request @current_request ||= ensure_action_dispatch_request(request) end + + def rss_request? + current_request.path.ends_with?('.atom') || current_request.format.atom? + end + + def ics_request? + current_request.path.ends_with?('.ics') || current_request.format.ics? + end end end end |