Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
b0798893
Commit
b0798893
authored
Oct 30, 2017
by
Douwe Maan
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Update specs for sudo behavior
parent
d6a547db
Changes
3
Expand all
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
155 additions
and
243 deletions
+155
-243
app/models/oauth_access_token.rb
app/models/oauth_access_token.rb
+9
-1
lib/api/helpers.rb
lib/api/helpers.rb
+2
-5
spec/requests/api/helpers_spec.rb
spec/requests/api/helpers_spec.rb
+144
-237
No files found.
app/models/oauth_access_token.rb
View file @
b0798893
...
...
@@ -2,5 +2,13 @@ class OauthAccessToken < Doorkeeper::AccessToken
belongs_to
:resource_owner
,
class_name:
'User'
belongs_to
:application
,
class_name:
'Doorkeeper::Application'
alias_method
:user
,
:resource_owner
alias_attribute
:user
,
:resource_owner
def
scopes
=
(
value
)
if
value
.
is_a?
(
Array
)
super
(
Doorkeeper
::
OAuth
::
Scopes
.
from_array
(
value
).
to_s
)
else
super
end
end
end
lib/api/helpers.rb
View file @
b0798893
...
...
@@ -438,7 +438,7 @@ module API
def
sudo!
return
unless
sudo_identifier
raise
UnauthorizedError
unless
initial_current_user
unauthorized!
unless
initial_current_user
unless
initial_current_user
.
admin?
forbidden!
(
'Must be admin to use sudo'
)
...
...
@@ -451,10 +451,7 @@ module API
validate_access_token!
(
scopes:
[
:sudo
])
sudoed_user
=
find_user
(
sudo_identifier
)
unless
sudoed_user
not_found!
(
"No user id or username for:
#{
sudo_identifier
}
"
)
end
not_found!
(
"User with ID or username '
#{
sudo_identifier
}
'"
)
unless
sudoed_user
@current_user
=
sudoed_user
end
...
...
spec/requests/api/helpers_spec.rb
View file @
b0798893
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment