1 files changed, 12 insertions, 10 deletions

diff --git a/app/controllers/concerns/lfs_request.rb b/app/controllers/concerns/lfs_request.rb
index 97df3c7caea..1653b40bad5 100644
--- a/app/controllers/concerns/lfs_request.rb
+++ b/app/controllers/concerns/lfs_request.rb
@@ -78,25 +78,27 @@ module LfsRequest
   end
 
   def lfs_download_access?
-    strong_memoize(:lfs_download_access) do
-      ci? || lfs_deploy_token? || user_can_download_code? || build_can_download_code? || deploy_token_can_download_code?
-    end
+    ci? || lfs_deploy_token? || user_can_download_code? || build_can_download_code? || deploy_token_can_download_code?
   end
+  strong_memoize_attr :lfs_download_access?, :lfs_download_access
 
   def deploy_token_can_download_code?
     deploy_token.present? &&
-      deploy_token.project == project &&
-      deploy_token.active? &&
+      deploy_token.has_access_to?(project) &&
       deploy_token.read_repository?
   end
 
   def lfs_upload_access?
-    strong_memoize(:lfs_upload_access) do
-      next false unless has_authentication_ability?(:push_code)
-      next false if limit_exceeded?
+    return false unless has_authentication_ability?(:push_code)
+    return false if limit_exceeded?
 
-      lfs_deploy_token? || can?(user, :push_code, project) || can?(deploy_token, :push_code, project)
-    end
+    lfs_deploy_token? || can?(user, :push_code,
+project) || can?(deploy_token, :push_code, project) || any_branch_allows_collaboration?
+  end
+  strong_memoize_attr :lfs_upload_access?, :lfs_upload_access
+
+  def any_branch_allows_collaboration?
+    project.merge_requests_allowing_push_to_user(user).any?
   end
 
   def lfs_deploy_token?