diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-28 03:07:51 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-03-28 03:07:51 +0300 |
commit | bba3aae6262b45e5457d0fcaa23e99f815114b4b (patch) | |
tree | 9510a08bba9514faf620b4244f382c4fc9599637 /lib/gitlab/auth.rb | |
parent | f50b93c373428d624cc2cabe98e4022dce846e67 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/auth.rb')
-rw-r--r-- | lib/gitlab/auth.rb | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index 7f7bdda953f..8a68808d9fd 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -164,20 +164,18 @@ module Gitlab Gitlab::Auth::Result.new(user, nil, :gitlab_or_ldap, full_authentication_abilities) end - # rubocop: disable CodeReuse/ActiveRecord def oauth_access_token_check(login, password) if login == "oauth2" && password.present? token = Doorkeeper::AccessToken.by_token(password) if valid_oauth_token?(token) - user = User.find_by(id: token.resource_owner_id) - return unless user.can?(:log_in) + user = User.id_in(token.resource_owner_id).first + return unless user&.can?(:log_in) Gitlab::Auth::Result.new(user, nil, :oauth, full_authentication_abilities) end end end - # rubocop: enable CodeReuse/ActiveRecord def personal_access_token_check(password) return unless password.present? |