Add runners token

app/controllers/ci/application_controller.rb

@@ -6,12 +6,6 @@ module Ci
 
     private
 
-    def authenticate_token!
-      unless project.valid_token?(params[:token])
-        return head(403)
-      end
-    end
-
     def authorize_access_project!
       unless can?(current_user, :read_project, project)
         return page_404

app/controllers/ci/projects_controller.rb

@@ -22,8 +22,7 @@ module Ci
     protected
 
     def project
-      # TODO: what to do here?
-      @project ||= Project.find_by_ci_id(params[:id])
+      @project ||= Project.find_by(ci_id: params[:id].to_i)
     end
 
     def no_cache

app/models/ci/build.rb

@@ -225,7 +225,7 @@ module Ci
     end
 
     def valid_token? token
-      project.valid_token? token
+      project.valid_runners_token? token
     end
 
     def target_url

app/models/project.rb

@@ -169,9 +169,9 @@ class Project < ActiveRecord::Base
     if: ->(project) { project.avatar.present? && project.avatar_changed? }
   validates :avatar, file_size: { maximum: 200.kilobytes.to_i }
 
-  before_validation :set_random_token
-  def set_random_token
-    self.token = SecureRandom.hex(15) if self.token.blank?
+  before_validation :set_runners_token_token
+  def set_runners_token_token
+    self.runners_token = SecureRandom.hex(15) if self.runners_token.blank?
   end
 
   mount_uploader :avatar, AvatarUploader
@@ -270,9 +270,7 @@ class Project < ActiveRecord::Base
     end
 
     def find_by_ci_id(id)
-      ci_projects = Arel::Table.new(:ci_projects)
-      gitlab_id = ci_projects.where(ci_projects[:id].eq(id)).project(ci_projects[:gitlab_id])
-      find_by("id=(#{gitlab_id.to_sql})")
+      find_by(ci_id: id.to_i)
     end
 
     def visibility_levels
@@ -831,7 +829,11 @@ class Project < ActiveRecord::Base
     shared_runners_enabled? && Ci::Runner.shared.active.any?(&block)
   end
 
-  def valid_token? token
+  def valid_runners_token? token
+    self.token && self.token == token
+  end
+
+  def valid_build_token? token
     self.token && self.token == token
   end
 

db/migrate/20151203162135_add_ci_to_project.rb

 class AddCiToProject < ActiveRecord::Migration
   def up
+    add_column :projects, :ci_id, :integer
     add_column :projects, :builds_enabled, :boolean, default: true, null: false
     add_column :projects, :shared_runners_enabled, :boolean, default: true, null: false
-    add_column :projects, :token, :string
+    add_column :projects, :runners_token, :string
     add_column :projects, :build_coverage_regex, :string
     add_column :projects, :build_allow_git_fetch, :boolean, default: true, null: false
     add_column :projects, :build_timeout, :integer, default: 3600, null: false

db/migrate/20151204110613_migrate_ci_to_project.rb

@@ -5,8 +5,9 @@ class MigrateCiToProject < ActiveRecord::Migration
     migrate_project_id_for_table('ci_variables')
     migrate_project_id_for_builds
 
-    migrate_project_column('shared_runners_enabled')
-    migrate_project_column('token')
+    migrate_project_column('id', 'ci_id')
+    migrate_project_column('shared_runners_enabled', 'shared_runners_enabled')
+    migrate_project_column('token', 'runners_token')
     migrate_project_column('coverage_regex', 'build_coverage_regex')
     migrate_project_column('allow_git_fetch', 'build_allow_git_fetch')
     migrate_project_column('timeout', 'build_timeout')
@@ -25,7 +26,7 @@ class MigrateCiToProject < ActiveRecord::Migration
 
   def migrate_project_column(column, new_column = nil)
     new_column ||= column
-    subquery = "SELECT #{column} FROM ci_projects WHERE projects.id = ci_projects.gitlab_id"
+    subquery = "SELECT ci_projects.#{column} FROM ci_projects WHERE projects.id = ci_projects.gitlab_id"
     execute("UPDATE projects SET #{new_column}=(#{subquery}) WHERE #{new_column} IS NULL AND (#{subquery}) IS NOT NULL")
   end
 

db/migrate/20151204110832_add_index_to_ci_tables.rb

@@ -4,8 +4,9 @@ class AddIndexToCiTables < ActiveRecord::Migration
     add_index :ci_runner_projects, :gl_project_id
     add_index :ci_triggers, :gl_project_id
     add_index :ci_variables, :gl_project_id
-    add_index :projects, :token
+    add_index :projects, :runners_token
     add_index :projects, :builds_enabled
     add_index :projects, [:builds_enabled, :shared_runners_enabled]
+    add_index :projects, [:ci_id]
   end
 end

lib/ci/api/helpers.rb

@@ -13,10 +13,6 @@ module Ci
         forbidden! unless current_runner
       end
 
-      def authenticate_project_token!(project)
-        forbidden! unless project.valid_token?(params[:project_token])
-      end
-
       def authenticate_build_token!(build)
         token = (params[BUILD_TOKEN_PARAM] || env[BUILD_TOKEN_HEADER]).to_s
         forbidden! unless token && build.valid_token?(token)

lib/ci/api/runners.rb

@@ -36,7 +36,7 @@ module Ci
                 tag_list: params[:tag_list],
                 is_shared: true
               )
-            elsif project = Project.find_by(token: params[:token])
+            elsif project = Project.find_by(runners_token: params[:token])
               # Create a specific runner for project.
               project.ci_runners.create(
                 description: params[:description],

lib/ci/api/triggers.rb

@@ -14,7 +14,7 @@ module Ci
         post ":id/refs/:ref/trigger" do
           required_attributes! [:token]
 
-          project = Project.find_by_ci_id(params[:id])
+          project = Project.find_by(ci_id: params[:id].to_i)
           trigger = Ci::Trigger.find_by_token(params[:token].to_s)
           not_found! unless project && trigger
           unauthorized! unless trigger.project == project

lib/gitlab/backend/grack_auth.rb

@@ -78,7 +78,7 @@ module Grack
         underscored_service = matched_login['s'].underscore
 
         if underscored_service == 'gitlab_ci'
-          return project && project.builds_enabled? && project.valid_token?(password)
+          return project && project.builds_enabled? && project.valid_build_token?(password)
         elsif Service.available_services_names.include?(underscored_service)
           service_method = "#{underscored_service}_service"
           service = project.send(service_method)

spec/models/project_spec.rb

@@ -55,7 +55,7 @@ describe Project, models: true do
     it { is_expected.to have_one(:pushover_service).dependent(:destroy) }
     it { is_expected.to have_one(:asana_service).dependent(:destroy) }
     it { is_expected.to have_many(:ci_commits) }
-    it { is_expected.to have_many(:ci_statuses) }
+    it { is_expected.to have_many(:commit_statuses) }
     it { is_expected.to have_many(:ci_builds) }
     it { is_expected.to have_many(:ci_runner_projects) }
     it { is_expected.to have_many(:ci_runners) }