Commit 73c2f52f authored by Jan Provaznik's avatar Jan Provaznik

Merge branch '10io-nuget-api-reuse-auth-module' into 'master'

Clean up duplicated code in NuGet API

See merge request gitlab-org/gitlab!28328
parents a2e581b5 bd5a45cc
......@@ -8,10 +8,8 @@
module API
class NugetPackages < Grape::API
helpers ::API::Helpers::PackagesManagerClientsHelpers
helpers ::API::Helpers::Packages::BasicAuthHelpers
AUTHORIZATION_HEADER = 'Authorization'
AUTHENTICATE_REALM_HEADER = 'Www-Authenticate: Basic realm'
AUTHENTICATE_REALM_NAME = 'GitLab Nuget Package Registry'
POSITIVE_INTEGER_REGEX = %r{\A[1-9]\d*\z}.freeze
NON_NEGATIVE_INTEGER_REGEX = %r{\A0|[1-9]\d*\z}.freeze
......@@ -24,39 +22,6 @@ module API
end
helpers do
def find_personal_access_token
find_personal_access_token_from_http_basic_auth
end
def authorized_user_project
@authorized_user_project ||= authorized_project_find!(params[:id])
end
def authorized_project_find!(id)
project = find_project(id)
unless project && can?(current_user, :read_project, project)
return unauthorized_or! { not_found! }
end
project
end
def authorize!(action, subject = :global, reason = nil)
return if can?(current_user, action, subject)
unauthorized_or! { forbidden!(reason) }
end
def unauthorized_or!
current_user ? yield : unauthorized_with_header!
end
def unauthorized_with_header!
header(AUTHENTICATE_REALM_HEADER, AUTHENTICATE_REALM_NAME)
unauthorized!
end
def find_packages
packages = package_finder.execute
......
......@@ -12,7 +12,7 @@ RSpec.shared_examples 'rejects nuget packages access' do |user_type, status, add
it 'has the correct response header' do
subject
expect(response.headers['Www-Authenticate: Basic realm']).to eq 'GitLab Nuget Package Registry'
expect(response.headers['Www-Authenticate: Basic realm']).to eq 'GitLab Packages Registry'
end
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment