Add latest changes from gitlab-org/gitlab@master

1 files changed, 14 insertions, 1 deletions

diff --git a/lib/gitlab/lfs_token.rb b/lib/gitlab/lfs_token.rb
index 124e34562c1..e90f3f05a33 100644
--- a/lib/gitlab/lfs_token.rb
+++ b/lib/gitlab/lfs_token.rb
@@ -34,8 +34,11 @@ module Gitlab
       HMACToken.new(actor).token(DEFAULT_EXPIRE_TIME)
     end
 
+    # When the token is an lfs one and the actor
+    # is blocked or the password has been changed,
+    # the token is no longer valid
     def token_valid?(token_to_check)
-      HMACToken.new(actor).token_valid?(token_to_check)
+      HMACToken.new(actor).token_valid?(token_to_check) && valid_user?
     end
 
     def deploy_key_pushable?(project)
@@ -46,6 +49,12 @@ module Gitlab
       user? ? :lfs_token : :lfs_deploy_token
     end
 
+    def valid_user?
+      return true unless user?
+
+      !actor.blocked? && (!actor.allow_password_authentication? || !actor.password_expired?)
+    end
+
     def authentication_payload(repository_http_path)
       {
         username: actor_name,
@@ -55,6 +64,10 @@ module Gitlab
       }
     end
 
+    def basic_encoding
+      ActionController::HttpAuthentication::Basic.encode_credentials(actor_name, token)
+    end
+
     private # rubocop:disable Lint/UselessAccessModifier
 
     class HMACToken