summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2020-08-18 08:52:04 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2020-08-18 08:52:04 +0000
commit7e2d89989a48ecd55d3f118d7bf8c3a00e1038cb (patch)
tree11f24f04e0f11b451c84a224e0d1f07cfed25928 /lib
parenta12a8608e6160bef7f2edca1e20192b69a83ff54 (diff)
downloadgitlab-ce-7e2d89989a48ecd55d3f118d7bf8c3a00e1038cb.tar.gz
Add latest changes from gitlab-org/gitlab@13-2-stable-ee
Diffstat (limited to 'lib')
-rw-r--r--lib/gitlab/auth.rb3
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb
index 44e8c9c04b9..1a23814959d 100644
--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -218,6 +218,9 @@ module Gitlab
return unless token && login
return if login != token.username
+ # Registry access (with jwt) does not have access to project
+ return if project && !token.has_access_to?(project)
+
scopes = abilities_for_scopes(token.scopes)
if valid_scoped_token?(token, all_available_scopes)