diff options
author | Mayra Cabrera <mcabrera@gitlab.com> | 2018-04-06 06:02:13 +0300 |
---|---|---|
committer | Mayra Cabrera <mcabrera@gitlab.com> | 2018-04-07 05:20:17 +0300 |
commit | c4f56a88029c1fe73bf6efb062b5f77a65282fed (patch) | |
tree | 890a869e8ce06a5438b38c8e9dca9529362cc2f4 /lib/gitlab/auth.rb | |
parent | a475411f4380ef4d0260940206e2553da3b2f3ee (diff) |
Increase test suite around deploy tokens behavior
Also, fixes broken specs
Diffstat (limited to 'lib/gitlab/auth.rb')
-rw-r--r-- | lib/gitlab/auth.rb | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index 13a59bb4a76..f88f9d2d808 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -173,19 +173,17 @@ module Gitlab end.uniq end - # Project is always sent when using read_scope, - # but is not sent when using read_registry scope - # (since jwt is not context aware of the project) def deploy_token_check(login, password) return unless password.present? token = DeployToken.active.find_by(token: password) - return unless token - return unless login != "gitlab+deploy-token-#{token.id}" + return unless token && login + return if login != token.username scopes = abilities_for_scopes(token.scopes) + if valid_scoped_token?(token, available_scopes) Gitlab::Auth::Result.new(token, token.project, :deploy_token, scopes) end |