summaryrefslogtreecommitdiff
path: root/lib/api/api_guard.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/api/api_guard.rb')
-rw-r--r--lib/api/api_guard.rb9
1 files changed, 7 insertions, 2 deletions
diff --git a/lib/api/api_guard.rb b/lib/api/api_guard.rb
index 9dd2de5c7ba..c6557fce541 100644
--- a/lib/api/api_guard.rb
+++ b/lib/api/api_guard.rb
@@ -65,7 +65,8 @@ module API
end
def find_user_from_sources
- find_user_from_access_token ||
+ deploy_token_from_request ||
+ find_user_from_access_token ||
find_user_from_job_token ||
find_user_from_warden
end
@@ -90,12 +91,16 @@ module API
end
def api_access_allowed?(user)
- Gitlab::UserAccess.new(user).allowed? && user.can?(:access_api)
+ user_allowed_or_deploy_token?(user) && user.can?(:access_api)
end
def api_access_denied_message(user)
Gitlab::Auth::UserAccessDeniedReason.new(user).rejection_message
end
+
+ def user_allowed_or_deploy_token?(user)
+ Gitlab::UserAccess.new(user).allowed? || user.is_a?(DeployToken)
+ end
end
class_methods do