Adding registry endpoint authorization

author: Andre Guedes <andrebsguedes@gmail.com> 2016-12-13 23:42:43 -0200
committer: Andre Guedes <andrebsguedes@gmail.com> 2017-02-22 11:29:07 -0300
commit: 246df2bd1151d39a04ef553064144eb75ee3e980 (patch)
tree: 203bf32cea4f57b5eeb720c3c1aceba9e71965e8 /lib/api/helpers.rb
parent: eed0b85ad084ad4d13cc26907102063d9372fe75 (diff)
download: gitlab-ce-246df2bd1151d39a04ef553064144eb75ee3e980.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index a1db2099693..0fd2b1587e3 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -111,6 +111,16 @@ module API
       end
     end
 
+    def authenticate_container_registry_access_token!
+      token = request.headers['X-Registry-Token']
+      unless token.present? && ActiveSupport::SecurityUtils.variable_size_secure_compare(
+        token,
+        current_application_settings.container_registry_access_token
+      )
+        unauthorized!
+      end
+    end
+
     def authenticated_as_admin!
       authenticate!
       forbidden! unless current_user.is_admin?
author	Andre Guedes <andrebsguedes@gmail.com>	2016-12-13 23:42:43 -0200
committer	Andre Guedes <andrebsguedes@gmail.com>	2017-02-22 11:29:07 -0300
commit	246df2bd1151d39a04ef553064144eb75ee3e980 (patch)
tree	203bf32cea4f57b5eeb720c3c1aceba9e71965e8 /lib/api/helpers.rb
parent	eed0b85ad084ad4d13cc26907102063d9372fe75 (diff)
download	gitlab-ce-246df2bd1151d39a04ef553064144eb75ee3e980.tar.gz