diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-02-04 15:17:40 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-02-04 15:17:40 +0300 |
commit | 9486811b62db7f35906bae75f912aa89804e721b (patch) | |
tree | 92da5045f0554bf89a60a96eb4ac1ffa96bfa427 /lib/gitlab/auth.rb | |
parent | aa7870a90b5925412a38dd6a27522f83517b917e (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'lib/gitlab/auth.rb')
-rw-r--r-- | lib/gitlab/auth.rb | 32 |
1 files changed, 21 insertions, 11 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index 257c73c47e6..5d5a431f206 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -6,25 +6,35 @@ module Gitlab IpBlacklisted = Class.new(StandardError) # Scopes used for GitLab API access - API_SCOPES = [:api, :read_user, :read_api].freeze + API_SCOPE = :api + READ_API_SCOPE = :read_api + READ_USER_SCOPE = :read_user + API_SCOPES = [API_SCOPE, READ_API_SCOPE, READ_USER_SCOPE].freeze + + PROFILE_SCOPE = :profile + EMAIL_SCOPE = :email + OPENID_SCOPE = :openid + # Scopes used for OpenID Connect + OPENID_SCOPES = [OPENID_SCOPE].freeze + # OpenID Connect profile scopes + PROFILE_SCOPES = [PROFILE_SCOPE, EMAIL_SCOPE].freeze # Scopes used for GitLab Repository access - REPOSITORY_SCOPES = [:read_repository, :write_repository].freeze + READ_REPOSITORY_SCOPE = :read_repository + WRITE_REPOSITORY_SCOPE = :write_repository + REPOSITORY_SCOPES = [READ_REPOSITORY_SCOPE, WRITE_REPOSITORY_SCOPE].freeze # Scopes used for GitLab Docker Registry access - REGISTRY_SCOPES = [:read_registry, :write_registry].freeze + READ_REGISTRY_SCOPE = :read_registry + WRITE_REGISTRY_SCOPE = :write_registry + REGISTRY_SCOPES = [READ_REGISTRY_SCOPE, WRITE_REGISTRY_SCOPE].freeze # Scopes used for GitLab as admin - ADMIN_SCOPES = [:sudo].freeze - - # Scopes used for OpenID Connect - OPENID_SCOPES = [:openid].freeze - - # OpenID Connect profile scopes - PROFILE_SCOPES = [:profile, :email].freeze + SUDO_SCOPE = :sudo + ADMIN_SCOPES = [SUDO_SCOPE].freeze # Default scopes for OAuth applications that don't define their own - DEFAULT_SCOPES = [:api].freeze + DEFAULT_SCOPES = [API_SCOPE].freeze CI_JOB_USER = 'gitlab-ci-token' |