Initial attempt at refactoring API scope declarations.

- Declaring an endpoint's scopes in a `before` block has proved to be unreliable. For example, if we're accessing the `API::Users` endpoint - code in a `before` block in `API::API` wouldn't be able to see the scopes set in `API::Users` since the `API::API` `before` block runs first. - This commit moves these declarations to the class level, since they don't need to change once set.
author: Timothy Andrew <mail@timothyandrew.net> 2017-06-20 07:40:24 +0000
committer: Timothy Andrew <mail@timothyandrew.net> 2017-06-28 07:17:13 +0000
commit: 6f1922500bc9e2c6d53c46dfcbd420687dfe6e6b (patch)
tree: b9de79a82757d00156ddf2f86453ae5b2ee7944d /app
parent: 08ad0af49c017d740b43588c0809b3811d25a448 (diff)
download: gitlab-ce-6f1922500bc9e2c6d53c46dfcbd420687dfe6e6b.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/app/services/access_token_validation_service.rb b/app/services/access_token_validation_service.rb
index b2a543daa00..f171f8194bd 100644
--- a/app/services/access_token_validation_service.rb
+++ b/app/services/access_token_validation_service.rb
@@ -31,8 +31,11 @@ class AccessTokenValidationService
     if scopes.blank?
       true
     else
+      #scopes = scopes.reject { |scope| scope[:if].presence && !scope[:if].call(request) }
       # Check whether the token is allowed access to any of the required scopes.
-      Set.new(scopes).intersection(Set.new(token.scopes)).present?
+
+      scope_names = scopes.map { |scope| scope[:name].to_s }
+      Set.new(scope_names).intersection(Set.new(token.scopes)).present?
     end
   end
 end
author	Timothy Andrew <mail@timothyandrew.net>	2017-06-20 07:40:24 +0000
committer	Timothy Andrew <mail@timothyandrew.net>	2017-06-28 07:17:13 +0000
commit	6f1922500bc9e2c6d53c46dfcbd420687dfe6e6b (patch)
tree	b9de79a82757d00156ddf2f86453ae5b2ee7944d /app
parent	08ad0af49c017d740b43588c0809b3811d25a448 (diff)
download	gitlab-ce-6f1922500bc9e2c6d53c46dfcbd420687dfe6e6b.tar.gz