Increase test suite around deploy tokens behavior

Also, fixes broken specs
author: Mayra Cabrera <mcabrera@gitlab.com> 2018-04-06 06:02:13 +0300
committer: Mayra Cabrera <mcabrera@gitlab.com> 2018-04-07 05:20:17 +0300
commit: c4f56a88029c1fe73bf6efb062b5f77a65282fed (patch)
tree: 890a869e8ce06a5438b38c8e9dca9529362cc2f4 /lib/gitlab/auth.rb
parent: a475411f4380ef4d0260940206e2553da3b2f3ee (diff)
1 files changed, 3 insertions, 5 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb
index 13a59bb4a76..f88f9d2d808 100644
--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -173,19 +173,17 @@ module Gitlab
         end.uniq
       end
 
-      # Project is always sent when using read_scope,
-      # but is not sent when using read_registry scope
-      # (since jwt is not context aware of the project)
       def deploy_token_check(login, password)
         return unless password.present?
 
         token =
           DeployToken.active.find_by(token: password)
 
-        return unless token
-        return unless login != "gitlab+deploy-token-#{token.id}"
+        return unless token && login
+        return if login != token.username
 
         scopes = abilities_for_scopes(token.scopes)
+
         if valid_scoped_token?(token, available_scopes)
           Gitlab::Auth::Result.new(token, token.project, :deploy_token, scopes)
         end
author	Mayra Cabrera <mcabrera@gitlab.com>	2018-04-06 06:02:13 +0300
committer	Mayra Cabrera <mcabrera@gitlab.com>	2018-04-07 05:20:17 +0300
commit	c4f56a88029c1fe73bf6efb062b5f77a65282fed (patch)
tree	890a869e8ce06a5438b38c8e9dca9529362cc2f4 /lib/gitlab/auth.rb
parent	a475411f4380ef4d0260940206e2553da3b2f3ee (diff)