Commit 2742f9fb authored by Kamil Trzcinski's avatar Kamil Trzcinski

Improve authentication_result usage

parent b0195d5c
......@@ -19,6 +19,8 @@ class Projects::GitHttpClientController < Projects::ApplicationController
private
def authenticate_user
@authentication_result = Gitlab::Auth::Result.new
if project && project.public? && download_request?
return # Allow access
end
......@@ -124,6 +126,18 @@ class Projects::GitHttpClientController < Projects::ApplicationController
end
end
def ci?
authentication_result.ci? &&
authentication_project &&
authentication_project == project
end
def lfs_deploy_key?
authentication_result.lfs_deploy_token? &&
actor &&
actor.projects.include?(project)
end
def authentication_has_download_access?
has_authentication_ability?(:download_code) || has_authentication_ability?(:build_download_code)
end
......@@ -132,19 +146,12 @@ class Projects::GitHttpClientController < Projects::ApplicationController
has_authentication_ability?(:push_code)
end
def ci?
authentication_result && authentication_result.ci? &&
authentication_result.project && authentication_result.project == project
end
def lfs_deploy_key?
authentication_result && authentication_result.lfs_deploy_token? &&
actor && actor.projects.include?(project)
def has_authentication_ability?(capability)
(authentication_abilities || []).include?(capability)
end
def has_authentication_ability?(capability)
authentication_abilities &&
authentication_abilities.include?(capability)
def authentication_project
authentication_result.project
end
def verify_workhorse_api!
......
......@@ -322,10 +322,10 @@ describe 'Git HTTP requests', lib: true do
expect(response).to have_http_status(401)
end
it "downloads from other project get status 401" do
it "downloads from other project get status 404" do
clone_get "#{other_project.path_with_namespace}.git", user: 'gitlab-ci-token', password: build.token
expect(response).to have_http_status(401)
expect(response).to have_http_status(404)
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment