diff options
Diffstat (limited to 'app/services/auth/container_registry_authentication_service.rb')
| -rw-r--r-- | app/services/auth/container_registry_authentication_service.rb | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/app/services/auth/container_registry_authentication_service.rb b/app/services/auth/container_registry_authentication_service.rb index 98da6563947..8ea88da8a53 100644 --- a/app/services/auth/container_registry_authentication_service.rb +++ b/app/services/auth/container_registry_authentication_service.rb @@ -5,12 +5,12 @@ module Auth AUDIENCE = 'container_registry' def execute(authentication_abilities:) - @authentication_abilities = authentication_abilities || [] + @authentication_abilities = authentication_abilities - return error('not found', 404) unless registry.enabled + return error('UNAVAILABLE', status: 404, message: 'registry not enabled') unless registry.enabled unless current_user || project - return error('forbidden', 403) unless scope + return error('DENIED', status: 403, message: 'access forbidden') unless scope end { token: authorized_token(scope).encoded } @@ -111,5 +111,12 @@ module Auth @authentication_abilities.include?(:create_container_image) && can?(current_user, :create_container_image, requested_project) end + + def error(code, status:, message: '') + { + errors: [{ code: code, message: message }], + http_status: status + } + end end end |