Use the authentication_token for finding the user

author: Lin Jen-Shin <godfat@godfat.org> 2016-05-21 01:38:08 +0300
committer: Lin Jen-Shin <godfat@godfat.org> 2016-05-21 01:38:08 +0300
commit: c2bc15a7669b8f21b12314f8607a02cf7d8b4828 (patch)
tree: 2d37f88348fe9cfbd94ff4f3ca5df631d0410c2d /lib/gitlab/email/handler
parent: a7f6b75e7fba69964e84a0ae96c77650c66bb031 (diff)
1 files changed, 1 insertions, 10 deletions
diff --git a/lib/gitlab/email/handler/create_issue.rb b/lib/gitlab/email/handler/create_issue.rb
index 8829fbb0e49..72d49ec6c96 100644
--- a/lib/gitlab/email/handler/create_issue.rb
+++ b/lib/gitlab/email/handler/create_issue.rb
@@ -11,7 +11,6 @@ module Gitlab
 
         def execute
           validate_permission!(:create_issue)
-          validate_authentication_token!
 
           verify_record(
             create_issue,
@@ -21,10 +20,7 @@ module Gitlab
         end
 
         def author
-          @author ||= mail.from.find do |email|
-            user = User.find_by_any_email(email)
-            break user if user
-          end
+          @author ||= User.find_by(authentication_token: authentication_token)
         end
 
         def project
@@ -48,11 +44,6 @@ module Gitlab
             description: message
           ).execute
         end
-
-        def validate_authentication_token!
-          raise UserNotAuthorizedError unless author.authentication_token ==
-                                                authentication_token
-        end
       end
     end
   end
author	Lin Jen-Shin <godfat@godfat.org>	2016-05-21 01:38:08 +0300
committer	Lin Jen-Shin <godfat@godfat.org>	2016-05-21 01:38:08 +0300
commit	c2bc15a7669b8f21b12314f8607a02cf7d8b4828 (patch)
tree	2d37f88348fe9cfbd94ff4f3ca5df631d0410c2d /lib/gitlab/email/handler
parent	a7f6b75e7fba69964e84a0ae96c77650c66bb031 (diff)