diff options
| author | Vratislav Kalenda <v.kalenda@gmail.com> | 2017-10-08 20:36:45 +0200 |
|---|---|---|
| committer | Vratislav Kalenda <v.kalenda@gmail.com> | 2017-10-08 20:40:01 +0200 |
| commit | 74d37438d5361fd4e77993dbc9590b20f7c32100 (patch) | |
| tree | 3487de9aab0d82382491cbad38dbde8c4987130b /app/services/auth | |
| parent | 91f1d652f5a0ab82784fed6d81501d03113d2cd7 (diff) | |
| download | gitlab-ce-74d37438d5361fd4e77993dbc9590b20f7c32100.tar.gz | |
Issue JWT token with registry:catalog:* scope when requested by GitLab admin
Diffstat (limited to 'app/services/auth')
| -rw-r--r-- | app/services/auth/container_registry_authentication_service.rb | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/app/services/auth/container_registry_authentication_service.rb b/app/services/auth/container_registry_authentication_service.rb index 9a636346899..0de7009e339 100644 --- a/app/services/auth/container_registry_authentication_service.rb +++ b/app/services/auth/container_registry_authentication_service.rb @@ -58,6 +58,11 @@ module Auth actions = actions.split(',') path = ContainerRegistry::Path.new(name) + if type == 'registry' && name == 'catalog' && current_user && current_user.admin? + return { type: type, name: name, actions: ['*'] } + end + + return unless type == 'repository' process_repository_access(type, path, actions) |