diff options
| author | Douwe Maan <douwe@gitlab.com> | 2016-11-08 10:47:45 +0000 |
|---|---|---|
| committer | Douwe Maan <douwe@gitlab.com> | 2016-11-08 10:47:45 +0000 |
| commit | 9c3f3e9e359740b10edafaa1b06b0ff3e2070820 (patch) | |
| tree | 01846d1a63bd1177b68377822fcb23b86e176cf2 /app/models | |
| parent | 8f85bd5789d50c080a7214981cc0a45fcb382bef (diff) | |
| parent | 011e561bfa227f3ecbafe5b1ffd51700c680a15f (diff) | |
| download | gitlab-ce-9c3f3e9e359740b10edafaa1b06b0ff3e2070820.tar.gz | |
Merge branch 'use-separate-token-for-incoming-email' into 'master'
Use separate email-friendly token for incoming email
See merge request !5914
Diffstat (limited to 'app/models')
| -rw-r--r-- | app/models/concerns/token_authenticatable.rb | 10 | ||||
| -rw-r--r-- | app/models/project.rb | 11 | ||||
| -rw-r--r-- | app/models/user.rb | 12 |
3 files changed, 23 insertions, 10 deletions
diff --git a/app/models/concerns/token_authenticatable.rb b/app/models/concerns/token_authenticatable.rb index 24c7b26d223..04d30f46210 100644 --- a/app/models/concerns/token_authenticatable.rb +++ b/app/models/concerns/token_authenticatable.rb @@ -4,17 +4,21 @@ module TokenAuthenticatable private def write_new_token(token_field) - new_token = generate_token(token_field) + new_token = generate_available_token(token_field) write_attribute(token_field, new_token) end - def generate_token(token_field) + def generate_available_token(token_field) loop do - token = Devise.friendly_token + token = generate_token(token_field) break token unless self.class.unscoped.find_by(token_field => token) end end + def generate_token(token_field) + Devise.friendly_token + end + class_methods do def authentication_token_fields @token_fields || [] diff --git a/app/models/project.rb b/app/models/project.rb index 686d285410b..4c9c7c001dd 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -624,13 +624,12 @@ class Project < ActiveRecord::Base end def new_issue_address(author) - # This feature is disabled for the time being. - return nil + return unless Gitlab::IncomingEmail.supports_issue_creation? && author - if Gitlab::IncomingEmail.enabled? && author # rubocop:disable Lint/UnreachableCode - Gitlab::IncomingEmail.reply_address( - "#{path_with_namespace}+#{author.authentication_token}") - end + author.ensure_incoming_email_token! + + Gitlab::IncomingEmail.reply_address( + "#{path_with_namespace}+#{author.incoming_email_token}") end def build_commit_note(commit) diff --git a/app/models/user.rb b/app/models/user.rb index c0dffa7b6ea..3813df6684e 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -13,6 +13,7 @@ class User < ActiveRecord::Base DEFAULT_NOTIFICATION_LEVEL = :participating add_authentication_token_field :authentication_token + add_authentication_token_field :incoming_email_token default_value_for :admin, false default_value_for(:external) { current_application_settings.user_default_external } @@ -119,7 +120,7 @@ class User < ActiveRecord::Base before_validation :set_public_email, if: ->(user) { user.public_email_changed? } after_update :update_emails_with_primary_email, if: ->(user) { user.email_changed? } - before_save :ensure_authentication_token + before_save :ensure_authentication_token, :ensure_incoming_email_token before_save :ensure_external_user_rights after_save :ensure_namespace_correct after_initialize :set_projects_limit @@ -956,4 +957,13 @@ class User < ActiveRecord::Base signup_domain =~ regexp end end + + def generate_token(token_field) + if token_field == :incoming_email_token + # Needs to be all lowercase and alphanumeric because it's gonna be used in an email address. + SecureRandom.hex.to_i(16).to_s(36) + else + super + end + end end |