author | Kamil Trzcinski <ayufan@ayufan.eu> | 2016-09-15 11:57:09 +0200 |
---|---|---|
committer | Kamil Trzcinski <ayufan@ayufan.eu> | 2016-09-15 11:57:09 +0200 |
commit | 11f87700e8bceeec96440809682406ae24334ed8 (patch) | |
tree | 3f7ec3bc0e00caa728c12b8affade70b75621cc1 /lib | |
parent | 6b381f3fdf00c7eeb971f365bde2a41f0cecf944 (diff) | |
download | gitlab-ce-11f87700e8bceeec96440809682406ae24334ed8.tar.gz |
Add access specs
Diffstat (limited to 'lib')
-rw-r--r-- | lib/api/internal.rb | 14 | ||||
-rw-r--r-- | lib/gitlab/auth.rb | 20 |
2 files changed, 20 insertions, 14 deletions
diff --git a/lib/api/internal.rb b/lib/api/internal.rb
index 6e6efece7c4..2ec94570506 100644
--- a/lib/api/internal.rb
+++ b/lib/api/internal.rb
@@ -51,9 +51,9 @@ module API
 access = if wiki?
- Gitlab::GitAccessWiki.new(actor, project, protocol)
+ Gitlab::GitAccessWiki.new(actor, project, protocol, capabilities: ssh_capabilities)
 else
- Gitlab::GitAccess.new(actor, project, protocol)
+ Gitlab::GitAccess.new(actor, project, protocol, capabilities: ssh_capabilities)
 end
 access_status = access.check(params[:action], params[:changes])
@@ -130,6 +130,16 @@ module API
 { success: true, recovery_codes: codes }
 end
+
+ private
+
+ def ssh_capabilities
+ [
+ :read_project,
+ :download_code,
+ :push_code
+ ]
+ end
 end
 end
 end
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb
index 6a55c50c3f3..7af9bb9a326 100644
--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -1,14 +1,8 @@
 module Gitlab
 module Auth
- class Result
- attr_reader :user, :project, :type, :capabilities
-
- def initialize?(user = nil, project = nil, type = nil, capabilities = nil)
- @user, @project, @type, @capabilities = user, project, type, capabilities
- end
-
- def success?
- user.present? || [:ci, :missing_personal_token].include?(type)
+ Result = Struct.new(:user, :project, :type, :capabilities) do
+ def succeeded?
+ user.present? || [:ci].include?(type)
 end
 end
@@ -23,7 +17,7 @@ module Gitlab
 personal_access_token_check(login, password) || Result.new
- rate_limit!(ip, success: result.success?, login: login)
+ rate_limit!(ip, success: result.succeeded?, login: login)
 result
 end
@@ -94,7 +88,7 @@ module Gitlab
 :gitlab_or_ldap
 end
- Result.new(user, type, nil, full_capabilities)
+ Result.new(user, nil, type, full_capabilities)
 end
 def oauth_access_token_check(login, password)
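Review bot: In the `-130,6` hunk of lib/api/internal.rb, `ssh_capabilities` is a plain `def` under `private`, yet the `-51,9` hunk calls it from inside the endpoint body. The enclosing definitions start outside both hunks, so this is inferred: if this is a Grape API class, endpoint bodies are not evaluated on the class itself, so the method may not resolve there, and `private` would not affect endpoint visibility. Defining it inside a `helpers do ... end` block would make it callable from the endpoint. The list also gives `:push_code` to every SSH actor, so a comment such as `# every SSH actor gets this set; per-actor limits must be enforced by GitAccess - confirm` would record where the restriction is expected to happen.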
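Review bot: In the `-1,14` hunk of lib/gitlab/auth.rb, making `Result` a `Struct` gives it public writers (`user=`, `capabilities=`, ...) and purely positional construction, so an authentication result can be changed after it is built and a swapped argument goes unnoticed. The `Result.new(user, type, nil, full_capabilities)` call corrected in the `-94,7` hunk is exactly that mistake. A comment above the struct giving the field order, e.g. `# Result.new(user, project, type, capabilities)`, and saying why `:ci` succeeds without a user would help. `[:ci].include?(type)` can also be written `type == :ci`. Note that `succeeded?` no longer treats `:missing_personal_token` as success, which changes what `rate_limit!` records for that case, and any caller of `success?` outside `lib` (not shown in this diff) needs the rename too.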
@@ -111,7 +105,9 @@ module Gitlab
 if login && password
 user = User.find_by_personal_access_token(password)
 validation = User.by_login(login)
- Result.new(user, nil, :personal_token, full_capabilities) if user == validation
+ if user && user == validation
+ Result.new(user, nil, :personal_token, full_capabilities)
+ end
 end
 end
|
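Review bot: The added `user &&` guard is the security-relevant part of this hunk and has no comment explaining it. Presumably both lookups return nil for unknown credentials; in that case the old `user == validation` compared `nil == nil` and returned a `Result` carrying `full_capabilities` with no user. A line such as `# nil == nil must never authenticate: require a real user before comparing` above the `if` would keep a later simplification from reintroducing the bug. The enclosing method starts outside the hunk, so how a nil return is handled by the caller is not visible here.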