Add comment to container registry auth service

Comment explains why we still have authentication without user object there. The legacy authentication mechanism should be removed in 10.0.

Add comment to container registry auth service
Comment explains why we still have authentication without user object there. The legacy authentication mechanism should be removed in 10.0.
4407d3cf · Grzegorz Bizon · 313e35e8 · 4407d3cf
Commit 4407d3cf authored Mar 29, 2017 by Grzegorz Bizon
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 5 deletions

app/services/auth/container_registry_authentication_service.rb ...ervices/auth/container_registry_authentication_service.rb +7 -5

No files found.
--- a/app/services/auth/container_registry_authentication_service.rb
+++ b/app/services/auth/container_registry_authentication_service.rb
@@ -107,6 +107,11 @@ module Auth
        can?(current_user, :read_container_image, requested_project)
    end
+    ##
+    # We still support legacy pipeline triggers which do not have associated
+    # actor. New permissions model and new triggers are always associated with
+    # an actor, so this should be improved in 10.0 version of GitLab.
+    #
    def build_can_push?(requested_project)
      # Build can push only to the project from which it originates
      has_authentication_ability?(:build_create_container_image) &&
@@ -119,14 +124,11 @@ module Auth
    end
    def error(code, status:, message: '')
-      {
+      { errors: [{ code: code, message: message }], http_status: status }
-        errors: [{ code: code, message: message }],
-        http_status: status
-      }
    end
    def has_authentication_ability?(capability)
-      (@authentication_abilities || []).include?(capability)
+      @authentication_abilities.to_a.include?(capability)
    end
  end
 end