diff options
Diffstat (limited to 'lib/api/internal')
| -rw-r--r-- | lib/api/internal/base.rb | 4 | ||||
| -rw-r--r-- | lib/api/internal/kubernetes.rb | 2 |
2 files changed, 5 insertions, 1 deletions
diff --git a/lib/api/internal/base.rb b/lib/api/internal/base.rb index 12bb6e77c3e..6de80c17960 100644 --- a/lib/api/internal/base.rb +++ b/lib/api/internal/base.rb @@ -52,7 +52,9 @@ module API actor.update_last_used_at! check_result = begin - access_check!(actor, params) + Gitlab::Auth::CurrentUserMode.bypass_session!(actor.user&.id) do + access_check!(actor, params) + end rescue Gitlab::GitAccess::ForbiddenError => e # The return code needs to be 401. If we return 403 # the custom message we return won't be shown to the user diff --git a/lib/api/internal/kubernetes.rb b/lib/api/internal/kubernetes.rb index 73723a96401..87ad79d601f 100644 --- a/lib/api/internal/kubernetes.rb +++ b/lib/api/internal/kubernetes.rb @@ -52,6 +52,8 @@ module API def check_agent_token forbidden! unless agent_token + + forbidden! unless Gitlab::Kas.included_in_gitlab_com_rollout?(agent.project) end end |