diff options
| author | Timothy Andrew <mail@timothyandrew.net> | 2017-06-30 07:32:25 +0000 |
|---|---|---|
| committer | Timothy Andrew <mail@timothyandrew.net> | 2017-06-30 07:32:25 +0000 |
| commit | afbc7520c296196d0f3f95d4a24a9e42c0e41f3c (patch) | |
| tree | b24fcb7fff29f362cfe1976bf4e12a5330d83cb9 /lib | |
| parent | b8ec1f4201c74c500e4f7010b238c7920599da7a (diff) | |
| download | gitlab-ce-afbc7520c296196d0f3f95d4a24a9e42c0e41f3c.tar.gz | |
`AccessTokenValidationService` accepts `String` or `API::Scope` scopes.
- There's no need to use `API::Scope` for scopes that don't have `if`
conditions, such as in `lib/gitlab/auth.rb`.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/api/scope.rb | 2 | ||||
| -rw-r--r-- | lib/gitlab/auth.rb | 1 |
2 files changed, 1 insertions, 2 deletions
diff --git a/lib/api/scope.rb b/lib/api/scope.rb index c23846d1e7d..d5165b2e482 100644 --- a/lib/api/scope.rb +++ b/lib/api/scope.rb @@ -11,7 +11,7 @@ module API # Are the `scopes` passed in sufficient to adequately authorize the passed # request for the scope represented by the current instance of this class? def sufficient?(scopes, request) - verify_if_condition(request) && scopes.include?(self.name) + scopes.include?(self.name) && verify_if_condition(request) end private diff --git a/lib/gitlab/auth.rb b/lib/gitlab/auth.rb index 6d0d638ba14..ccb5d886bab 100644 --- a/lib/gitlab/auth.rb +++ b/lib/gitlab/auth.rb @@ -140,7 +140,6 @@ module Gitlab end def valid_scoped_token?(token, scopes) - scopes = scopes.map { |scope| API::Scope.new(scope) } AccessTokenValidationService.new(token).include_any_scope?(scopes) end |