Commit b38439a3 authored by Kamil Trzciński's avatar Kamil Trzciński

Use proper auth_scope for deploy token

parent 5bc58bac
...@@ -164,7 +164,7 @@ module Gitlab ...@@ -164,7 +164,7 @@ module Gitlab
def abilities_for_scopes(scopes) def abilities_for_scopes(scopes)
abilities_by_scope = { abilities_by_scope = {
api: full_authentication_abilities, api: full_authentication_abilities,
read_registry: [:build_read_container_image], read_registry: [:read_container_image],
read_repository: [:download_code] read_repository: [:download_code]
} }
......
...@@ -195,7 +195,7 @@ describe Gitlab::Auth do ...@@ -195,7 +195,7 @@ describe Gitlab::Auth do
personal_access_token = create(:personal_access_token, scopes: ['read_registry']) personal_access_token = create(:personal_access_token, scopes: ['read_registry'])
expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: '') expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: '')
expect(gl_auth.find_for_git_client('', personal_access_token.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(personal_access_token.user, nil, :personal_access_token, [:build_read_container_image])) expect(gl_auth.find_for_git_client('', personal_access_token.token, project: nil, ip: 'ip')).to eq(Gitlab::Auth::Result.new(personal_access_token.user, nil, :personal_access_token, [:read_container_image]))
end end
end end
...@@ -317,7 +317,7 @@ describe Gitlab::Auth do ...@@ -317,7 +317,7 @@ describe Gitlab::Auth do
end end
it 'succeeds when login and token are valid' do it 'succeeds when login and token are valid' do
auth_success = Gitlab::Auth::Result.new(deploy_token, project, :deploy_token, [:build_read_container_image]) auth_success = Gitlab::Auth::Result.new(deploy_token, project, :deploy_token, [:read_container_image])
expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: login) expect(gl_auth).to receive(:rate_limit!).with('ip', success: true, login: login)
expect(gl_auth.find_for_git_client(login, deploy_token.token, project: nil, ip: 'ip')) expect(gl_auth.find_for_git_client(login, deploy_token.token, project: nil, ip: 'ip'))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment