diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-06-16 03:10:15 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-06-16 03:10:15 +0300 |
commit | 46aea02972d6caaf34a11689e9e6ccfa9dcb538a (patch) | |
tree | 5e4e71724bdab97d6d3f57ed25e11e0c516383fb /lib/gitlab/auth.rb | |
parent | 83d921d51bd5bf8bd0ecd078706d7c037fb711cb (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/auth.rb')
-rw-r--r-- | lib/gitlab/auth.rb | 17 |
1 files changed, 9 insertions, 8 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index d2261148b21..36f58d43a77 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -156,15 +156,16 @@ module Gitlab underscored_service = matched_login['service'].underscore - if Integration.available_services_names.include?(underscored_service) - # We treat underscored_service as a trusted input because it is included - # in the Integration.available_services_names allowlist. - service = project.public_send("#{underscored_service}_service") # rubocop:disable GitlabSecurity/PublicSend + return unless Integration.available_services_names.include?(underscored_service) - if service && service.activated? && service.valid_token?(password) - Gitlab::Auth::Result.new(nil, project, :ci, build_authentication_abilities) - end - end + # We treat underscored_service as a trusted input because it is included + # in the Integration.available_services_names allowlist. + accessor = Project.integration_association_name(underscored_service) + service = project.public_send(accessor) # rubocop:disable GitlabSecurity/PublicSend + + return unless service && service.activated? && service.valid_token?(password) + + Gitlab::Auth::Result.new(nil, project, :ci, build_authentication_abilities) end def user_with_password_for_git(login, password) |