Removing private token

author: Francisco Lopez <fjlopez@gitlab.com> 2017-11-08 10:13:22 +0100
committer: Francisco Lopez <fjlopez@gitlab.com> 2017-11-17 10:01:21 +0100
commit: 374179a97042da3a4d5312afcdb0dc90a44634f0 (patch)
tree: 32c75aada478c764f4ebdd36f3b981f968d4f452 /lib
parent: 41ebd06ddc837c80ba6ca95c6d5fea2b76cef8d2 (diff)
download: gitlab-ce-374179a97042da3a4d5312afcdb0dc90a44634f0.tar.gz
2 files changed, 16 insertions, 7 deletions
diff --git a/lib/api/api_guard.rb b/lib/api/api_guard.rb
index 9ada2d5ebb1..9c68830ae34 100644
--- a/lib/api/api_guard.rb
+++ b/lib/api/api_guard.rb
@@ -45,6 +45,7 @@ module API
       include Gitlab::Utils::StrongMemoize
 
       def find_current_user!
+        set_raise_unauthorized_error
         user = find_user_from_access_token || find_user_from_warden
         return unless user
 
@@ -74,12 +75,6 @@ module API
 
       private
 
-      def handle_return_value!(value, &block)
-        raise UnauthorizedError unless value
-
-        block_given? ? yield(value) : value
-      end
-
       def private_token
         params[PRIVATE_TOKEN_PARAM].presence || env[PRIVATE_TOKEN_HEADER].presence
       end
diff --git a/lib/gitlab/auth/user_auth_finders.rb b/lib/gitlab/auth/user_auth_finders.rb
index 93f3cae0a95..86f1c13d4b8 100644
--- a/lib/gitlab/auth/user_auth_finders.rb
+++ b/lib/gitlab/auth/user_auth_finders.rb
@@ -29,7 +29,9 @@ module Gitlab
       private
 
       def handle_return_value!(value, &block)
-        return unless value
+        unless value
+          raise_unauthorized_error? ? raise_unauthorized_error! : return
+        end
 
         block_given? ? yield(value) : value
       end
@@ -75,6 +77,18 @@ module Gitlab
 
         ActionDispatch::Request.new(request.env)
       end
+
+      def raise_unauthorized_error?
+        defined?(@raise_unauthorized_error) ? @raise_unauthorized_error : false
+      end
+
+      def set_raise_unauthorized_error
+        @raise_unauthorized_error = true
+      end
+
+      def raise_unauthorized_error!
+        raise API::APIGuard::UnauthorizedError
+      end
     end
   end
 end
author	Francisco Lopez <fjlopez@gitlab.com>	2017-11-08 10:13:22 +0100
committer	Francisco Lopez <fjlopez@gitlab.com>	2017-11-17 10:01:21 +0100
commit	374179a97042da3a4d5312afcdb0dc90a44634f0 (patch)
tree	32c75aada478c764f4ebdd36f3b981f968d4f452 /lib
parent	41ebd06ddc837c80ba6ca95c6d5fea2b76cef8d2 (diff)
download	gitlab-ce-374179a97042da3a4d5312afcdb0dc90a44634f0.tar.gz