diff options
| author | Kamil Trzciński <ayufan@ayufan.eu> | 2015-08-05 09:30:12 +0000 |
|---|---|---|
| committer | Kamil Trzciński <ayufan@ayufan.eu> | 2015-08-05 09:30:12 +0000 |
| commit | 99d6329a7ce34e7242a2d2f1af7846360699463f (patch) | |
| tree | 468114d0ef9b88e170f7106ec1b5bebe172658c5 | |
| parent | f7dbf6d1a4b5724445de4da658103ce976b02a29 (diff) | |
| parent | 3534f0bc76191c98abab2c8bf969e845b6990864 (diff) | |
| download | gitlab-ci-99d6329a7ce34e7242a2d2f1af7846360699463f.tar.gz | |
Merge branch 'access-token-api' into 'master'
Refactor access_token usage for API requests
This MR refactors GitLab API usage to use either access_token or private_token. It also allows to use access_token when executing GitLab CI API.
/cc @vsizov @dzaporozhets
See merge request !226
| -rw-r--r-- | CHANGELOG | 2 | ||||
| -rw-r--r-- | app/controllers/projects_controller.rb | 2 | ||||
| -rw-r--r-- | app/models/network.rb | 10 | ||||
| -rw-r--r-- | app/models/project.rb | 7 | ||||
| -rw-r--r-- | app/models/user.rb | 20 | ||||
| -rw-r--r-- | app/services/create_project_service.rb | 8 | ||||
| -rw-r--r-- | lib/api/helpers.rb | 7 |
7 files changed, 27 insertions, 29 deletions
@@ -5,6 +5,8 @@ v7.14.0 (unreleased) - Randomize test database for CI tests - Make YAML validation stricter - Use avatars received from GitLab + - Refactor GitLab API usage to use either access_token or private_token depending on what was specified during login + - Allow to use access_token for API requests v7.13.1 - Fix: user could steal specific runner diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index f228870..8ba0f92 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -79,7 +79,7 @@ class ProjectsController < ApplicationController def destroy project.destroy - Network.new.disable_ci(project.gitlab_id, current_user.access_token) + Network.new.disable_ci(project.gitlab_id, current_user.authenticate_options) EventService.new.remove_project(current_user, project) diff --git a/app/models/network.rb b/app/models/network.rb index 8ba467d..212c2b9 100644 --- a/app/models/network.rb +++ b/app/models/network.rb @@ -82,11 +82,15 @@ class Network end end - def disable_ci(project_id, access_token) - query = "projects/#{project_id}/services/gitlab-ci.json?access_token=#{access_token}" + def disable_ci(project_id, api_opts) + opts = { + query: api_opts + } + + query = "projects/#{project_id}/services/gitlab-ci.json" endpoint = File.join(url, API_PREFIX, query) - response = self.class.delete(endpoint, default_opts) + response = self.class.delete(endpoint, default_opts.merge(opts)) build_response(response) end diff --git a/app/models/project.rb b/app/models/project.rb index b4a3ffc..373fe84 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -87,12 +87,7 @@ ls -la end def from_gitlab(user, scope = :owned, options) - opts = if user.access_token - { access_token: user.access_token } - else - { private_token: user.private_token } - end - + opts = user.authenticate_options opts.merge! options projects = Network.new.projects(opts.compact, scope) diff --git a/app/models/user.rb b/app/models/user.rb index dc4c2cf..2dd80dd 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -60,12 +60,8 @@ class User end def can_manage_project?(project_gitlab_id) - opts = { - access_token: self.access_token, - } - Rails.cache.fetch(cache_key('manage', project_gitlab_id, sync_at)) do - !!Network.new.project_hooks(opts, project_gitlab_id) + !!Network.new.project_hooks(authenticate_options, project_gitlab_id) end end @@ -81,15 +77,19 @@ class User end end + def authenticate_options + if attributes['access_token'] + { access_token: attributes['access_token'] } + else + { private_token: attributes['private_token'] } + end + end + private def project_info(project_gitlab_id) - opts = { - access_token: self.access_token, - } - Rails.cache.fetch(cache_key("project_info", project_gitlab_id, sync_at)) do - Network.new.project(opts, project_gitlab_id) + Network.new.project(authenticate_options, project_gitlab_id) end end end diff --git a/app/services/create_project_service.rb b/app/services/create_project_service.rb index 652d7bd..f331919 100644 --- a/app/services/create_project_service.rb +++ b/app/services/create_project_service.rb @@ -12,13 +12,7 @@ class CreateProjectService project_url: project_route.gsub(":project_id", @project.id.to_s), } - auth_opts = if current_user.access_token - { access_token: current_user.access_token } - else - { private_token: current_user.private_token } - end - - unless Network.new.enable_ci(@project.gitlab_id, data, auth_opts) + unless Network.new.enable_ci(@project.gitlab_id, data, current_user.authenticate_options) raise ActiveRecord::Rollback end end diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index cff5920..8ea7f86 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -2,14 +2,17 @@ module API module Helpers PRIVATE_TOKEN_PARAM = :private_token PRIVATE_TOKEN_HEADER = "HTTP_PRIVATE_TOKEN" + ACCESS_TOKEN_PARAM = :access_token + ACCESS_TOKEN_HEADER = "HTTP_ACCESS_TOKEN" UPDATE_RUNNER_EVERY = 60 def current_user @current_user ||= begin options = { - private_token: (params[PRIVATE_TOKEN_PARAM] || env[PRIVATE_TOKEN_HEADER]) + access_token: (params[ACCESS_TOKEN_PARAM] || env[ACCESS_TOKEN_HEADER]), + private_token: (params[PRIVATE_TOKEN_PARAM] || env[PRIVATE_TOKEN_HEADER]), } - UserSession.new.authenticate(options) + UserSession.new.authenticate(options.compact) end end |