1 files changed, 41 insertions, 45 deletions

diff --git a/lib/gitlab/git_access_snippet.rb b/lib/gitlab/git_access_snippet.rb
index 3de6c9ee30a..f2b4e930707 100644
--- a/lib/gitlab/git_access_snippet.rb
+++ b/lib/gitlab/git_access_snippet.rb
@@ -9,50 +9,68 @@ module Gitlab
       read_snippet: 'You are not allowed to read this snippet.',
       update_snippet: 'You are not allowed to update this snippet.',
       snippet_not_found: 'The snippet you were looking for could not be found.',
-      repository_not_found: 'The snippet repository you were looking for could not be found.'
+      no_repo: 'The snippet repository you were looking for could not be found.'
     }.freeze
 
-    attr_reader :snippet
-
-    alias_method :container, :snippet
+    alias_method :snippet, :container
 
     def initialize(actor, snippet, protocol, **kwargs)
-      @snippet = snippet
-
-      super(actor, snippet&.project, protocol, **kwargs)
+      super(actor, snippet, protocol, **kwargs)
 
       @auth_result_type = nil
       @authentication_abilities &= [:download_code, :push_code]
     end
 
+    override :check
     def check(cmd, changes)
-      # TODO: Investigate if expanding actor/authentication types are needed.
-      # https://gitlab.com/gitlab-org/gitlab/issues/202190
-      if actor && !actor.is_a?(User) && !actor.instance_of?(Key)
-        raise ForbiddenError, ERROR_MESSAGES[:authentication_mechanism]
-      end
-
       check_snippet_accessibility!
 
       super
     end
 
+    override :download_ability
+    def download_ability
+      :read_snippet
+    end
+
+    override :push_ability
+    def push_ability
+      :update_snippet
+    end
+
     private
 
-    override :check_namespace!
-    def check_namespace!
-      return unless snippet.is_a?(ProjectSnippet)
+    # TODO: Implement EE/Geo https://gitlab.com/gitlab-org/gitlab/issues/205629
+    override :check_custom_action
+    def check_custom_action
+      # snippets never return custom actions, such as geo replication.
+    end
 
-      super
+    override :project?
+    def project?
+      project_snippet?
+    end
+
+    override :project
+    def project
+      snippet&.project
     end
 
-    override :check_project!
-    def check_project!(cmd)
-      return unless snippet.is_a?(ProjectSnippet)
+    override :check_valid_actor!
+    def check_valid_actor!
+      # TODO: Investigate if expanding actor/authentication types are needed.
+      # https://gitlab.com/gitlab-org/gitlab/issues/202190
+      if actor && !actor.is_a?(User) && !actor.instance_of?(Key)
+        raise ForbiddenError, ERROR_MESSAGES[:authentication_mechanism]
+      end
 
       super
     end
 
+    def project_snippet?
+      snippet.is_a?(ProjectSnippet)
+    end
+
     override :check_push_access!
     def check_push_access!
       raise ForbiddenError, ERROR_MESSAGES[:update_snippet] unless user
@@ -82,19 +100,9 @@ module Gitlab
       end
     end
 
-    override :guest_can_download_code?
-    def guest_can_download_code?
-      Guest.can?(:read_snippet, snippet)
-    end
-
-    override :user_can_download_code?
-    def user_can_download_code?
-      authentication_abilities.include?(:download_code) && user_access.can_do_action?(:read_snippet)
-    end
-
     override :check_change_access!
     def check_change_access!
-      unless user_access.can_do_action?(:update_snippet)
+      unless user_can_push?
         raise ForbiddenError, ERROR_MESSAGES[:update_snippet]
       end
 
@@ -109,31 +117,19 @@ module Gitlab
       check_push_size!
     end
 
-    def check_single_change_access(change)
+    override :check_single_change_access
+    def check_single_change_access(change, _skip_lfs_integrity_check: false)
       Checks::SnippetCheck.new(change, logger: logger).validate!
       Checks::PushFileCountCheck.new(change, repository: repository, limit: Snippet.max_file_limit(user), logger: logger).validate!
     rescue Checks::TimedLogger::TimeoutError
       raise TimeoutError, logger.full_message
     end
 
-    override :check_repository_existence!
-    def check_repository_existence!
-      unless repository.exists?
-        raise NotFoundError, ERROR_MESSAGES[:repository_not_found]
-      end
-    end
-
     override :user_access
     def user_access
       @user_access ||= UserAccessSnippet.new(user, snippet: snippet)
     end
 
-    # TODO: Implement EE/Geo https://gitlab.com/gitlab-org/gitlab/issues/205629
-    override :check_custom_action
-    def check_custom_action(cmd)
-      nil
-    end
-
     override :check_size_limit?
     def check_size_limit?
       return false if user&.migration_bot?