diff options
| author | Kamil Trzcinski <ayufan@ayufan.eu> | 2016-09-16 09:59:10 +0200 |
|---|---|---|
| committer | Kamil Trzcinski <ayufan@ayufan.eu> | 2016-09-16 11:12:21 +0200 |
| commit | e941365f3be88cebd57e9b08ba8702c1b688cb94 (patch) | |
| tree | 903b454248eb3ba230eabfb2c5427a11161e4c5c /lib | |
| parent | ac6412d0766fbc090a3aa8272cfd4cc2d9a26c16 (diff) | |
| download | gitlab-ce-e941365f3be88cebd57e9b08ba8702c1b688cb94.tar.gz | |
Rename capabilities to authentication_abilities
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/api/internal.rb | 6 | ||||
| -rw-r--r-- | lib/gitlab/auth.rb | 24 | ||||
| -rw-r--r-- | lib/gitlab/git_access.rb | 12 |
3 files changed, 21 insertions, 21 deletions
diff --git a/lib/api/internal.rb b/lib/api/internal.rb index 865379c51c4..090d04544da 100644 --- a/lib/api/internal.rb +++ b/lib/api/internal.rb @@ -36,7 +36,7 @@ module API end end - def ssh_capabilities + def ssh_authentication_abilities [ :read_project, :download_code, @@ -59,9 +59,9 @@ module API access = if wiki? - Gitlab::GitAccessWiki.new(actor, project, protocol, capabilities: ssh_capabilities) + Gitlab::GitAccessWiki.new(actor, project, protocol, authentication_abilities: ssh_authentication_abilities) else - Gitlab::GitAccess.new(actor, project, protocol, capabilities: ssh_capabilities) + Gitlab::GitAccess.new(actor, project, protocol, authentication_abilities: ssh_authentication_abilities) end access_status = access.check(params[:action], params[:changes]) diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index b14c4e565d5..3d7cc176e07 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -1,6 +1,6 @@ module Gitlab module Auth - Result = Struct.new(:actor, :project, :type, :capabilities) do + Result = Struct.new(:actor, :project, :type, :authentication_abilities) do def success? actor.present? || type == :ci end @@ -77,7 +77,7 @@ module Gitlab service = project.public_send("#{underscored_service}_service") if service && service.activated? && service.valid_token?(password) - Result.new(nil, project, :ci, build_capabilities) + Result.new(nil, project, :ci, build_authentication_abilities) end end end @@ -88,7 +88,7 @@ module Gitlab raise Gitlab::Auth::MissingPersonalTokenError if user.two_factor_enabled? - Result.new(user, nil, :gitlab_or_ldap, full_capabilities) + Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities) end def oauth_access_token_check(login, password) @@ -96,7 +96,7 @@ module Gitlab token = Doorkeeper::AccessToken.by_token(password) if token && token.accessible? user = User.find_by(id: token.resource_owner_id) - Result.new(user, nil, :oauth, read_capabilities) + Result.new(user, nil, :oauth, read_authentication_abilities) end end end @@ -105,7 +105,7 @@ module Gitlab if login && password user = User.find_by_personal_access_token(password) validation = User.by_login(login) - Result.new(user, nil, :personal_token, full_capabilities) if user.present? && user == validation + Result.new(user, nil, :personal_token, full_authentication_abilities) if user.present? && user == validation end end @@ -122,7 +122,7 @@ module Gitlab if actor token_handler = Gitlab::LfsToken.new(actor) - Result.new(actor, nil, token_handler.type, read_capabilities) if Devise.secure_compare(token_handler.value, password) + Result.new(actor, nil, token_handler.type, read_authentication_abilities) if Devise.secure_compare(token_handler.value, password) end end @@ -136,14 +136,14 @@ module Gitlab if build.user # If user is assigned to build, use restricted credentials of user - Result.new(build.user, build.project, :build, build_capabilities) + Result.new(build.user, build.project, :build, build_authentication_abilities) else # Otherwise use generic CI credentials (backward compatibility) - Result.new(nil, build.project, :ci, build_capabilities) + Result.new(nil, build.project, :ci, build_authentication_abilities) end end - def build_capabilities + def build_authentication_abilities [ :read_project, :build_download_code, @@ -152,7 +152,7 @@ module Gitlab ] end - def read_capabilities + def read_authentication_abilities [ :read_project, :download_code, @@ -160,8 +160,8 @@ module Gitlab ] end - def full_capabilities - read_capabilities + [ + def full_authentication_abilities + read_authentication_abilities + [ :push_code, :update_container_image ] diff --git a/lib/gitlab/git_access.rb b/lib/gitlab/git_access.rb index 21286e77dc6..799794c0171 100644 --- a/lib/gitlab/git_access.rb +++ b/lib/gitlab/git_access.rb @@ -5,13 +5,13 @@ module Gitlab DOWNLOAD_COMMANDS = %w{ git-upload-pack git-upload-archive } PUSH_COMMANDS = %w{ git-receive-pack } - attr_reader :actor, :project, :protocol, :user_access, :capabilities + attr_reader :actor, :project, :protocol, :user_access, :authentication_abilities - def initialize(actor, project, protocol, capabilities:) + def initialize(actor, project, protocol, authentication_abilities:) @actor = actor @project = project @protocol = protocol - @capabilities = capabilities + @authentication_abilities = authentication_abilities @user_access = UserAccess.new(user, project: project) end @@ -69,15 +69,15 @@ module Gitlab end def user_can_download_code? - capabilities.include?(:download_code) && user_access.can_do_action?(:download_code) + authentication_abilities.include?(:download_code) && user_access.can_do_action?(:download_code) end def build_can_download_code? - capabilities.include?(:build_download_code) && user_access.can_do_action?(:build_download_code) + authentication_abilities.include?(:build_download_code) && user_access.can_do_action?(:build_download_code) end def user_push_access_check(changes) - unless capabilities.include?(:push_code) + unless authentication_abilities.include?(:push_code) return build_status_object(false, "You are not allowed to upload code for this project.") end |