diff options
| author | Rémy Coutable <remy@rymai.me> | 2017-04-24 19:31:32 +0300 |
|---|---|---|
| committer | Rémy Coutable <remy@rymai.me> | 2017-04-24 19:31:32 +0300 |
| commit | df65e4376e2455ec39890a58f3428a98c2317516 (patch) | |
| tree | b5b51b1795e3f9aca31895762a1e3af99034440b | |
| parent | 3855751d024d20a05343141c65aa3b588645dcfa (diff) | |
| parent | bee780e8fdf56fa24b54326e9c27f0b1ab7446f7 (diff) | |
Merge branch '30305-oauth-token-push-code' into 'master'
Allow OAuth clients to push code
Closes #30305
See merge request !10677
| -rw-r--r-- | changelogs/unreleased/30305-oauth-token-push-code.yml | 4 | ||||
| -rw-r--r-- | lib/gitlab/auth.rb | 2 | ||||
| -rw-r--r-- | spec/lib/gitlab/auth_spec.rb | 2 | ||||
| -rw-r--r-- | spec/requests/git_http_spec.rb | 4 |
4 files changed, 8 insertions, 4 deletions
diff --git a/changelogs/unreleased/30305-oauth-token-push-code.yml b/changelogs/unreleased/30305-oauth-token-push-code.yml new file mode 100644 index 00000000000..aadfb5ca419 --- /dev/null +++ b/changelogs/unreleased/30305-oauth-token-push-code.yml @@ -0,0 +1,4 @@ +--- +title: Allow OAuth clients to push code +merge_request: 10677 +author: diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index eee5601b0ed..ea918b23a63 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -108,7 +108,7 @@ module Gitlab token = Doorkeeper::AccessToken.by_token(password) if valid_oauth_token?(token) user = User.find_by(id: token.resource_owner_id) - Gitlab::Auth::Result.new(user, nil, :oauth, read_authentication_abilities) + Gitlab::Auth::Result.new(user, nil, :oauth, full_authentication_abilities) end end end diff --git a/spec/lib/gitlab/auth_spec.rb b/spec/lib/gitlab/auth_spec.rb index 03c4879ed6f..d4a43192d03 100644 --- a/spec/lib/gitlab/auth_spec.rb +++ b/spec/lib/gitlab/auth_spec.rb @@ -118,7 +118,7 @@ describe Gitlab::Auth, lib: true do it 'succeeds for OAuth tokens with the `api` scope' do expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: 'oauth2') - expect(gl_auth.find_for_git_client("oauth2", token_w_api_scope.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(user, nil, :oauth, read_authentication_abilities)) + expect(gl_auth.find_for_git_client("oauth2", token_w_api_scope.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(user, nil, :oauth, full_authentication_abilities)) end it 'fails for OAuth tokens with other scopes' do diff --git a/spec/requests/git_http_spec.rb b/spec/requests/git_http_spec.rb index 316742ff076..6ca3ef18fe6 100644 --- a/spec/requests/git_http_spec.rb +++ b/spec/requests/git_http_spec.rb @@ -279,10 +279,10 @@ describe 'Git HTTP requests', lib: true do expect(response.content_type.to_s).to eq(Gitlab::Workhorse::INTERNAL_API_CONTENT_TYPE) end - it "uploads get status 401 (no project existence information leak)" do + it "uploads get status 200" do push_get "#{project.path_with_namespace}.git", user: 'oauth2', password: @token.token - expect(response).to have_http_status(401) + expect(response).to have_http_status(200) end end |