Introduce EE::API::APIGuard::HelperMethods

173e17e5 · Lin Jen-Shin · 8f4b6e2e · 173e17e5 · 173e17e5
Commit 173e17e5 authored Feb 05, 2018 by Lin Jen-Shin
Hide whitespace changes
Inline Side-by-side

Showing with 22 additions and 1 deletion

ee/lib/ee/api/api_guard.rb ee/lib/ee/api/api_guard.rb +16 -0

lib/api/api_guard.rb lib/api/api_guard.rb +6 -1

No files found.
--- a/ee/lib/ee/api/api_guard.rb
+++ b/ee/lib/ee/api/api_guard.rb
+module EE
+  module API
+    module APIGuard
+      module HelperMethods
+        extend ::Gitlab::Utils::Override
+
+        override :find_user_from_sources
+        def find_user_from_sources
+          find_user_from_access_token ||
+            find_user_from_job_token ||
+            find_user_from_warden
+        end
+      end
+    end
+  end
+end
--- a/lib/api/api_guard.rb
+++ b/lib/api/api_guard.rb
@@ -39,10 +39,11 @@ module API

    # Helper Methods for Grape Endpoint
    module HelperMethods
+      prepend EE::API::APIGuard::HelperMethods
      include Gitlab::Auth::UserAuthFinders

      def find_current_user!
-        user = find_user_from_access_token || find_user_from_job_token || find_user_from_warden
+        user = find_user_from_sources
        return unless user

        forbidden!('User is blocked') unless Gitlab::UserAccess.new(user).allowed? && user.can?(:access_api)
@@ -50,6 +51,10 @@ module API
        user
      end

+      def find_user_from_sources
+        find_user_from_access_token || find_user_from_warden
+      end
+
      private

      # An array of scopes that were registered (using `allow_access_with_scope`)