Merge branch '10io-nuget-api-reuse-auth-module' into 'master'

Clean up duplicated code in NuGet API See merge request gitlab-org/gitlab!28328

Merge branch '10io-nuget-api-reuse-auth-module' into 'master'
Clean up duplicated code in NuGet API See merge request gitlab-org/gitlab!28328
73c2f52f · Jan Provaznik · a2e581b5 · bd5a45cc · 73c2f52f · 73c2f52f
Commit 73c2f52f authored Mar 31, 2020 by Jan Provaznik
Showing with 2 additions and 37 deletions

ee/lib/api/nuget_packages.rb ee/lib/api/nuget_packages.rb +1 -36

ee/spec/support/shared_examples/requests/api/nuget_packages_shared_examples.rb ...d_examples/requests/api/nuget_packages_shared_examples.rb +1 -1

No files found.
--- a/ee/lib/api/nuget_packages.rb
+++ b/ee/lib/api/nuget_packages.rb
@@ -8,10 +8,8 @@
 module API
  class NugetPackages < Grape::API
    helpers ::API::Helpers::PackagesManagerClientsHelpers
+    helpers ::API::Helpers::Packages::BasicAuthHelpers
-    AUTHORIZATION_HEADER = 'Authorization'
-    AUTHENTICATE_REALM_HEADER = 'Www-Authenticate: Basic realm'
-    AUTHENTICATE_REALM_NAME = 'GitLab Nuget Package Registry'
    POSITIVE_INTEGER_REGEX = %r{\A[1-9]\d*\z}.freeze
    NON_NEGATIVE_INTEGER_REGEX = %r{\A0|[1-9]\d*\z}.freeze
@@ -24,39 +22,6 @@ module API
    end
    helpers do
-      def find_personal_access_token
-        find_personal_access_token_from_http_basic_auth
-      end
-      def authorized_user_project
-        @authorized_user_project ||= authorized_project_find!(params[:id])
-      end
-      def authorized_project_find!(id)
-        project = find_project(id)
-        unless project && can?(current_user, :read_project, project)
-          return unauthorized_or! { not_found! }
-        end
-        project
-      end
-      def authorize!(action, subject = :global, reason = nil)
-        return if can?(current_user, action, subject)
-        unauthorized_or! { forbidden!(reason) }
-      end
-      def unauthorized_or!
-        current_user ? yield : unauthorized_with_header!
-      end
-      def unauthorized_with_header!
-        header(AUTHENTICATE_REALM_HEADER, AUTHENTICATE_REALM_NAME)
-        unauthorized!
-      end
      def find_packages
        packages = package_finder.execute

--- a/ee/spec/support/shared_examples/requests/api/nuget_packages_shared_examples.rb
+++ b/ee/spec/support/shared_examples/requests/api/nuget_packages_shared_examples.rb
@@ -12,7 +12,7 @@ RSpec.shared_examples 'rejects nuget packages access' do |user_type, status, add
      it 'has the correct response header' do
        subject
-        expect(response.headers['Www-Authenticate: Basic realm']).to eq 'GitLab Nuget Package Registry'
+        expect(response.headers['Www-Authenticate: Basic realm']).to eq 'GitLab Packages Registry'
      end
    end
  end