From 8d900ade3832b3e2812f067ace19bad7fd286d54 Mon Sep 17 00:00:00 2001
From: Imre Farkas <ifarkas@gitlab.com>
Date: Fri, 26 Oct 2018 16:47:03 +0200
Subject: Remove PersonalAccessTokensFinder#find_by method

find_by_token is overriden by TokenAuthenticatable which can be easily
missed or confused with #find_by(:token) defined by ActiveRecord. First
step for safer usage is to remove #find_by.
---
 lib/api/users.rb | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

(limited to 'lib/api')

diff --git a/lib/api/users.rb b/lib/api/users.rb
index 47382b09207..2a56506f3a5 100644
--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -512,11 +512,9 @@ module API
               PersonalAccessTokensFinder.new({ user: user, impersonation: true }.merge(options))
             end
 
-            # rubocop: disable CodeReuse/ActiveRecord
             def find_impersonation_token
-              finder.find_by(id: declared_params[:impersonation_token_id]) || not_found!('Impersonation Token')
+              finder.find_by_id(declared_params[:impersonation_token_id]) || not_found!('Impersonation Token')
             end
-            # rubocop: enable CodeReuse/ActiveRecord
           end
 
           before { authenticated_as_admin! }
-- 
cgit v1.2.1