Commit e6cc4e90 authored by Drew Blessing's avatar Drew Blessing

Refactor git http controllers to rely on auth results differently

Auth results can return an ambiguous actor, either user or
deploy token. Refactor to explicitly get user or deploy token
rather than accessing the actor directly.
parent c3033257
......@@ -8,12 +8,9 @@ module Repositories
attr_reader :authentication_result, :redirected_path
delegate :actor, :authentication_abilities, to: :authentication_result, allow_nil: true
delegate :authentication_abilities, to: :authentication_result, allow_nil: true
delegate :type, to: :authentication_result, allow_nil: true, prefix: :auth_result
alias_method :user, :actor
alias_method :authenticated_user, :actor
# Git clients will not know what authenticity token to send along
skip_around_action :set_session_storage
skip_before_action :verify_authenticity_token
......@@ -22,8 +19,16 @@ module Repositories
feature_category :source_code_management
def authenticated_user
authentication_result&.user || authentication_result&.deploy_token
end
private
def user
authenticated_user
end
def download_request?
raise NotImplementedError
end
......
......@@ -30,6 +30,7 @@ module EE
private
override :user
def user
super || geo_push_user&.user
end
......
......@@ -90,6 +90,14 @@ RSpec.describe Repositories::GitHttpController do
end
end
end
context 'when the user is a deploy token' do
it_behaves_like Repositories::GitHttpController do
let(:container) { project }
let(:user) { create(:deploy_token, :project, projects: [project]) }
let(:access_checker_class) { Gitlab::GitAccess }
end
end
end
context 'when repository container is a project wiki' do
......
......@@ -50,7 +50,8 @@ RSpec.shared_examples Repositories::GitHttpController do
context 'with authorized user' do
before do
request.headers.merge! auth_env(user.username, user.password, nil)
password = user.try(:password) || user.try(:token)
request.headers.merge! auth_env(user.username, password, nil)
end
it 'returns 200' do
......@@ -71,9 +72,10 @@ RSpec.shared_examples Repositories::GitHttpController do
it 'adds user info to the logs' do
get :info_refs, params: params
expect(log_data).to include('username' => user.username,
'user_id' => user.id,
'meta.user' => user.username)
user_log_data = { 'username' => user.username, 'user_id' => user.id }
user_log_data['meta.user'] = user.username if user.is_a?(User)
expect(log_data).to include(user_log_data)
end
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment