Initial attempt at refactoring API scope declarations.

- Declaring an endpoint's scopes in a `before` block has proved to be unreliable. For example, if we're accessing the `API::Users` endpoint - code in a `before` block in `API::API` wouldn't be able to see the scopes set in `API::Users` since the `API::API` `before` block runs first. - This commit moves these declarations to the class level, since they don't need to change once set.
author: Timothy Andrew <mail@timothyandrew.net> 2017-06-20 10:40:24 +0300
committer: Timothy Andrew <mail@timothyandrew.net> 2017-06-28 10:17:13 +0300
commit: 6f1922500bc9e2c6d53c46dfcbd420687dfe6e6b (patch)
tree: b9de79a82757d00156ddf2f86453ae5b2ee7944d /lib/api/helpers.rb
parent: 08ad0af49c017d740b43588c0809b3811d25a448 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 2c73a6fdc4e..3cf04e6df3c 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -340,10 +340,12 @@ module API
     end
 
     def initial_current_user
+      endpoint_class = options[:for]
+
       return @initial_current_user if defined?(@initial_current_user)
       Gitlab::Auth::UniqueIpsLimiter.limit_user! do
-        @initial_current_user ||= find_user_by_private_token(scopes: @scopes)
-        @initial_current_user ||= doorkeeper_guard(scopes: @scopes)
+        @initial_current_user ||= find_user_by_private_token(scopes: endpoint_class.scopes)
+        @initial_current_user ||= doorkeeper_guard(scopes: endpoint_class.scopes)
         @initial_current_user ||= find_user_from_warden
 
         unless @initial_current_user && Gitlab::UserAccess.new(@initial_current_user).allowed?
author	Timothy Andrew <mail@timothyandrew.net>	2017-06-20 10:40:24 +0300
committer	Timothy Andrew <mail@timothyandrew.net>	2017-06-28 10:17:13 +0300
commit	6f1922500bc9e2c6d53c46dfcbd420687dfe6e6b (patch)
tree	b9de79a82757d00156ddf2f86453ae5b2ee7944d /lib/api/helpers.rb
parent	08ad0af49c017d740b43588c0809b3811d25a448 (diff)