Merge branch 'reset_session' into 'master'

Reset user session if token is invalid closes #148 See merge request !115
author: Dmitriy Zaporozhets <dzaporozhets@gitlab.com> 2015-02-25 02:28:47 +0000
committer: Dmitriy Zaporozhets <dzaporozhets@gitlab.com> 2015-02-25 02:28:47 +0000
commit: b11f345ce275bdda6c4db1554949bbd9f7c23cdb (patch)
tree: e49f5eece3bad4efe3d83d61e6ba4229bb1589f2
parent: d199338628cf2395bf19106cd39d0cff0de979b0 (diff)
parent: fd35049ef79b72740c7d2a59252d4a1ceac189c2 (diff)
download: gitlab-ci-b11f345ce275bdda6c4db1554949bbd9f7c23cdb.tar.gz
4 files changed, 32 insertions, 27 deletions
diff --git a/CHANGELOG b/CHANGELOG
index feb88e3..ce60dd9 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,3 +1,6 @@
+v7.9.0
+  - Reset user session if token is invalid
+
 v7.8.0
   - Fix OAuth login with GitLab installed in relative URL
   - GitLab CI has same version as GitLab since now
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 5897632..ba7642b 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,4 +1,5 @@
 class ApplicationController < ActionController::Base
+  rescue_from Network::UnauthorizedError, :with => :invalid_token
   before_filter :default_headers
   before_filter :check_config
 
@@ -78,4 +79,9 @@ class ApplicationController < ActionController::Base
   rescue Settingslogic::MissingSetting, NoMethodError
     redirect_to oauth2_help_path
   end
+
+  def invalid_token
+    reset_session
+    redirect_to :root
+  end
 end
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index 10de5da..38762e7 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -21,6 +21,8 @@ class ProjectsController < ApplicationController
     @projects = Project.where(gitlab_id: @gl_projects.map(&:id)).order('name ASC')
     @total_count = @gl_projects.size
     @gl_projects.reject! { |gl_project| @projects.map(&:gitlab_id).include?(gl_project.id) }
+  rescue Network::UnauthorizedError
+    raise
   rescue
     @error = 'Failed to fetch GitLab projects'
   end
diff --git a/app/models/network.rb b/app/models/network.rb
index f106994..b03307b 100644
--- a/app/models/network.rb
+++ b/app/models/network.rb
@@ -1,4 +1,6 @@
 class Network
+  class UnauthorizedError < StandardError; end
+
   include HTTParty
 
   API_PREFIX = '/api/v3/'
@@ -12,11 +14,7 @@ class Network
     endpoint = File.join(url, API_PREFIX, 'user')
     response = self.class.get(endpoint, opts)
 
-    if response.code == 200
-      response.parsed_response
-    else
-      nil
-    end
+    build_response(response)
   end
 
   def authenticate_by_token(url, api_opts)
@@ -28,11 +26,7 @@ class Network
     endpoint = File.join(url, API_PREFIX, 'user.json')
     response = self.class.get(endpoint, opts)
 
-    if response.code == 200
-      response.parsed_response
-    else
-      nil
-    end
+    build_response(response)
   end
 
 
@@ -54,11 +48,7 @@ class Network
     endpoint = File.join(url, API_PREFIX, query)
     response = self.class.get(endpoint, opts)
 
-    if response.code == 200
-      response.parsed_response
-    else
-      nil
-    end
+    build_response(response)
   end
 
   def project(url, api_opts, project_id)
@@ -72,11 +62,7 @@ class Network
     endpoint = File.join(url, API_PREFIX, query)
     response = self.class.get(endpoint, opts)
 
-    if response.code == 200
-      response.parsed_response
-    else
-      nil
-    end
+    build_response(response)
   end
 
   def project_hooks(url, api_opts, project_id)
@@ -90,11 +76,7 @@ class Network
     endpoint = File.join(url, API_PREFIX, query)
     response = self.class.get(endpoint, opts)
 
-    if response.code == 200
-      response.parsed_response
-    else
-      nil
-    end
+    build_response(response)
   end
 
   def enable_ci(url, project_id, ci_opts, token)
@@ -107,8 +89,11 @@ class Network
     endpoint = File.join(url, API_PREFIX, query)
     response = self.class.put(endpoint, opts)
 
-    if response.code == 200
+    case response.code
+    when 200
       true
+    when 401
+      raise UnauthorizedError
     else
       nil
     end
@@ -124,8 +109,17 @@ class Network
     endpoint = File.join(url, API_PREFIX, query)
     response = self.class.delete(endpoint, opts)
 
-    if response.code == 200
+    build_response(response)
+  end
+
+  private
+
+  def build_response(response)
+    case response.code
+    when 200
       response.parsed_response
+    when 401
+      raise UnauthorizedError
     else
       nil
     end
author	Dmitriy Zaporozhets <dzaporozhets@gitlab.com>	2015-02-25 02:28:47 +0000
committer	Dmitriy Zaporozhets <dzaporozhets@gitlab.com>	2015-02-25 02:28:47 +0000
commit	b11f345ce275bdda6c4db1554949bbd9f7c23cdb (patch)
tree	e49f5eece3bad4efe3d83d61e6ba4229bb1589f2
parent	d199338628cf2395bf19106cd39d0cff0de979b0 (diff)
parent	fd35049ef79b72740c7d2a59252d4a1ceac189c2 (diff)
download	gitlab-ci-b11f345ce275bdda6c4db1554949bbd9f7c23cdb.tar.gz