Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib/gitlab/auth.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/gitlab/auth.rb')
-rw-r--r--lib/gitlab/auth.rb6
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb
index c16c2ce96de..7f7bdda953f 100644
--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -171,6 +171,8 @@ module Gitlab
if valid_oauth_token?(token)
user = User.find_by(id: token.resource_owner_id)
+ return unless user.can?(:log_in)
+
Gitlab::Auth::Result.new(user, nil, :oauth, full_authentication_abilities)
end
end
@@ -182,7 +184,7 @@ module Gitlab
token = PersonalAccessTokensFinder.new(state: 'active').find_by_token(password)
- if token && valid_scoped_token?(token, all_available_scopes)
+ if token && valid_scoped_token?(token, all_available_scopes) && token.user.can?(:log_in)
Gitlab::Auth::Result.new(token.user, nil, :personal_access_token, abilities_for_scopes(token.scopes))
end
end
@@ -260,6 +262,8 @@ module Gitlab
return unless build.project.builds_enabled?
if build.user
+ return unless build.user.can?(:log_in)
+
# If user is assigned to build, use restricted credentials of user
Gitlab::Auth::Result.new(build.user, build.project, :build, build_authentication_abilities)
else
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-11 18:58:12 +0300