diff options
Diffstat (limited to 'lib/gitlab/auth')
-rw-r--r-- | lib/gitlab/auth/auth_finders.rb | 9 | ||||
-rw-r--r-- | lib/gitlab/auth/ldap/adapter.rb | 4 | ||||
-rw-r--r-- | lib/gitlab/auth/o_auth/user.rb | 2 |
3 files changed, 11 insertions, 4 deletions
diff --git a/lib/gitlab/auth/auth_finders.rb b/lib/gitlab/auth/auth_finders.rb index 16bee187c87..c69462b12de 100644 --- a/lib/gitlab/auth/auth_finders.rb +++ b/lib/gitlab/auth/auth_finders.rb @@ -121,6 +121,7 @@ module Gitlab # It is also used by GraphQL/API requests. # And to allow accessing /archive programatically as it was a big pain point # for users https://gitlab.com/gitlab-org/gitlab/-/issues/28978. + # Used for release downloading as well def find_user_from_web_access_token(request_format, scopes: [:api]) return unless access_token && valid_web_access_format?(request_format) @@ -147,7 +148,7 @@ module Gitlab # deploy tokens are accepted with deploy token headers and basic auth headers def deploy_token_from_request return unless route_authentication_setting[:deploy_token_allowed] - return if Gitlab::ExternalAuthorization.enabled? + return unless Gitlab::ExternalAuthorization.allow_deploy_tokens_and_deploy_keys? token = current_request.env[DEPLOY_TOKEN_HEADER].presence || parsed_oauth_token @@ -301,6 +302,8 @@ module Gitlab api_request? when :archive archive_request? + when :download + download_request? end end @@ -352,6 +355,10 @@ module Gitlab current_request.path.include?('/-/archive/') end + def download_request? + current_request.path.include?('/downloads/') + end + def blob_request? current_request.path.include?('/raw/') end diff --git a/lib/gitlab/auth/ldap/adapter.rb b/lib/gitlab/auth/ldap/adapter.rb index 9aedc131e92..0201f1f8725 100644 --- a/lib/gitlab/auth/ldap/adapter.rb +++ b/lib/gitlab/auth/ldap/adapter.rb @@ -33,8 +33,8 @@ module Gitlab users_search(options) end - def user(*args) - users(*args).first + def user(...) + users(...).first end def dn_matches_filter?(dn, filter) diff --git a/lib/gitlab/auth/o_auth/user.rb b/lib/gitlab/auth/o_auth/user.rb index 242390c3e89..01e126ec2f5 100644 --- a/lib/gitlab/auth/o_auth/user.rb +++ b/lib/gitlab/auth/o_auth/user.rb @@ -258,7 +258,7 @@ module Gitlab metadata = gl_user.build_user_synced_attributes_metadata if sync_profile_from_provider? - UserSyncedAttributesMetadata::SYNCABLE_ATTRIBUTES.each do |key| + UserSyncedAttributesMetadata.syncable_attributes.each do |key| if auth_hash.has_attribute?(key) && gl_user.sync_attribute?(key) gl_user.public_send("#{key}=".to_sym, auth_hash.public_send(key)) # rubocop:disable GitlabSecurity/PublicSend metadata.set_attribute_synced(key, true) |