diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-09-28 00:06:20 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-09-28 00:06:20 +0000 |
commit | e08eba1838cb749b8815c7da98a504ff97bcfb98 (patch) | |
tree | 0172bc4d205f59dd6f3722b27d53e6aa8abb5825 /lib/gitlab/lfs_token.rb | |
parent | d4633b0e70ec39583ce0b13f277f990b216ac0d9 (diff) | |
download | gitlab-ce-e08eba1838cb749b8815c7da98a504ff97bcfb98.tar.gz |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/lfs_token.rb')
-rw-r--r-- | lib/gitlab/lfs_token.rb | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/lib/gitlab/lfs_token.rb b/lib/gitlab/lfs_token.rb index 124e34562c1..e90f3f05a33 100644 --- a/lib/gitlab/lfs_token.rb +++ b/lib/gitlab/lfs_token.rb @@ -34,8 +34,11 @@ module Gitlab HMACToken.new(actor).token(DEFAULT_EXPIRE_TIME) end + # When the token is an lfs one and the actor + # is blocked or the password has been changed, + # the token is no longer valid def token_valid?(token_to_check) - HMACToken.new(actor).token_valid?(token_to_check) + HMACToken.new(actor).token_valid?(token_to_check) && valid_user? end def deploy_key_pushable?(project) @@ -46,6 +49,12 @@ module Gitlab user? ? :lfs_token : :lfs_deploy_token end + def valid_user? + return true unless user? + + !actor.blocked? && (!actor.allow_password_authentication? || !actor.password_expired?) + end + def authentication_payload(repository_http_path) { username: actor_name, @@ -55,6 +64,10 @@ module Gitlab } end + def basic_encoding + ActionController::HttpAuthentication::Basic.encode_credentials(actor_name, token) + end + private # rubocop:disable Lint/UselessAccessModifier class HMACToken |