summaryrefslogtreecommitdiff
path: root/lib/gitlab/auth/auth_finders.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/gitlab/auth/auth_finders.rb')
-rw-r--r--lib/gitlab/auth/auth_finders.rb6
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/gitlab/auth/auth_finders.rb b/lib/gitlab/auth/auth_finders.rb
index 416e36c7ccb..0796f23fbfe 100644
--- a/lib/gitlab/auth/auth_finders.rb
+++ b/lib/gitlab/auth/auth_finders.rb
@@ -89,9 +89,11 @@ module Gitlab
job.user
end
- # We only allow Private Access Tokens with `api` scope to be used by web
+ # We allow Private Access Tokens with `api` scope to be used by web
# requests on RSS feeds or ICS files for backwards compatibility.
# It is also used by GraphQL/API requests.
+ # And to allow accessing /archive programatically as it was a big pain point
+ # for users https://gitlab.com/gitlab-org/gitlab/-/issues/28978.
def find_user_from_web_access_token(request_format, scopes: [:api])
return unless access_token && valid_web_access_format?(request_format)
@@ -269,6 +271,8 @@ module Gitlab
ics_request?
when :api
api_request?
+ when :archive
+ archive_request? if Feature.enabled?(:allow_archive_as_web_access_format, default_enabled: :yaml)
end
end
View Lorry Controller Status