diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-01-08 03:32:37 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-01-08 03:32:37 +0300 |
commit | 469a50879c1085ec77c95d650b7f135fee2c9e13 (patch) | |
tree | 0d639a63294b5abdb4e4a7bf1ed5a497d5e6869f /lib/gitlab/auth.rb | |
parent | aa5ca44f172f02f04cca448b1f9c17d6d933de40 (diff) |
Add latest changes from gitlab-org/gitlab@13-7-stable-ee
Diffstat (limited to 'lib/gitlab/auth.rb')
-rw-r--r-- | lib/gitlab/auth.rb | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index 1aabb05f19e..1f5cce249d8 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -198,7 +198,9 @@ module Gitlab return unless valid_scoped_token?(token, all_available_scopes) - if token.user.can?(:log_in) || token.user.can?(:bot_log_in, project) + return if project && token.user.project_bot? && !project.bots.include?(token.user) + + if token.user.can?(:log_in) || token.user.project_bot? Gitlab::Auth::Result.new(token.user, nil, :personal_access_token, abilities_for_scopes(token.scopes)) end end @@ -283,7 +285,7 @@ module Gitlab return unless build.project.builds_enabled? if build.user - return unless build.user.can?(:log_in) || build.user.can?(:bot_log_in, build.project) + return unless build.user.can?(:log_in) || (build.user.project_bot? && build.project.bots&.include?(build.user)) # If user is assigned to build, use restricted credentials of user Gitlab::Auth::Result.new(build.user, build.project, :build, build_authentication_abilities) |