Improve authentication_result usage

2742f9fb · Kamil Trzcinski · b0195d5c · 2742f9fb · 2742f9fb
Commit 2742f9fb authored Sep 16, 2016 by Kamil Trzcinski
Showing with 20 additions and 13 deletions

app/controllers/projects/git_http_client_controller.rb app/controllers/projects/git_http_client_controller.rb +18 -11

spec/requests/git_http_spec.rb spec/requests/git_http_spec.rb +2 -2

No files found.
--- a/app/controllers/projects/git_http_client_controller.rb
+++ b/app/controllers/projects/git_http_client_controller.rb
@@ -19,6 +19,8 @@ class Projects::GitHttpClientController < Projects::ApplicationController
  private
  def authenticate_user
+    @authentication_result = Gitlab::Auth::Result.new
    if project && project.public? && download_request?
      return # Allow access
    end
@@ -124,6 +126,18 @@ class Projects::GitHttpClientController < Projects::ApplicationController
    end
  end
+  def ci?
+    authentication_result.ci? &&
+      authentication_project &&
+      authentication_project == project
+  end
+  def lfs_deploy_key?
+    authentication_result.lfs_deploy_token? &&
+      actor &&
+      actor.projects.include?(project)
+  end
  def authentication_has_download_access?
    has_authentication_ability?(:download_code) || has_authentication_ability?(:build_download_code)
  end
@@ -132,19 +146,12 @@ class Projects::GitHttpClientController < Projects::ApplicationController
    has_authentication_ability?(:push_code)
  end
-  def ci?
+  def has_authentication_ability?(capability)
-    authentication_result && authentication_result.ci? &&
+    (authentication_abilities || []).include?(capability)
-      authentication_result.project && authentication_result.project == project
-  end
-  def lfs_deploy_key?
-    authentication_result && authentication_result.lfs_deploy_token? &&
-      actor && actor.projects.include?(project)
  end
-  def has_authentication_ability?(capability)
+  def authentication_project
-    authentication_abilities &&
+    authentication_result.project
-      authentication_abilities.include?(capability)
  end
  def verify_workhorse_api!

--- a/spec/requests/git_http_spec.rb
+++ b/spec/requests/git_http_spec.rb
@@ -322,10 +322,10 @@ describe 'Git HTTP requests', lib: true do
            expect(response).to have_http_status(401)
          end
-          it "downloads from other project get status 401" do
+          it "downloads from other project get status 404" do
            clone_get "#{other_project.path_with_namespace}.git", user: 'gitlab-ci-token', password: build.token
-            expect(response).to have_http_status(401)
+            expect(response).to have_http_status(404)
          end
        end