Module: API::APIGuard::HelperMethods

Includes:
Gitlab::Auth::AuthFinders
Defined in:
lib/api/api_guard.rb

Overview

Helper Methods for Grape Endpoint

Constant Summary

Constants included from Gitlab::Auth::AuthFinders

Gitlab::Auth::AuthFinders::DEPLOY_TOKEN_HEADER, Gitlab::Auth::AuthFinders::JOB_TOKEN_HEADER, Gitlab::Auth::AuthFinders::JOB_TOKEN_PARAM, Gitlab::Auth::AuthFinders::PATH_DEPENDENT_FEED_TOKEN_REGEX, Gitlab::Auth::AuthFinders::PRIVATE_TOKEN_HEADER, Gitlab::Auth::AuthFinders::PRIVATE_TOKEN_PARAM, Gitlab::Auth::AuthFinders::RUNNER_JOB_TOKEN_PARAM, Gitlab::Auth::AuthFinders::RUNNER_TOKEN_PARAM

Instance Method Summary collapse

Methods included from Gitlab::Auth::AuthFinders

#cluster_agent_token_from_authorization_token, #deploy_token_from_request, #find_runner_from_token, #find_user_from_access_token, #find_user_from_basic_auth_job, #find_user_from_basic_auth_password, #find_user_from_bearer_token, #find_user_from_feed_token, #find_user_from_job_token, #find_user_from_lfs_token, #find_user_from_personal_access_token, #find_user_from_static_object_token, #find_user_from_warden, #find_user_from_web_access_token, #validate_access_token!

Instance Method Details

#access_tokenObject 



50
51
52
53
54
 
# File 'lib/api/api_guard.rb', line 50

def access_token
  strong_memoize(:api_guard_access_token) do
    super || find_personal_access_token_from_http_basic_auth
  end
end

#find_current_user!Object 



56
57
58
59
60
61
62
63
64
65
66
67
 
# File 'lib/api/api_guard.rb', line 56

def find_current_user!
  user = find_user_from_sources
  return unless user

  Gitlab::Auth::CurrentUserMode.bypass_session!(user.id) if bypass_session_for_admin_mode?(user)

  unless api_access_allowed?(user)
    forbidden!(api_access_denied_message(user))
  end

  user
end

#find_user_from_sourcesObject 



69
70
71
72
73
74
75
76
77
78
79
80
81
 
# File 'lib/api/api_guard.rb', line 69

def find_user_from_sources
  strong_memoize(:find_user_from_sources) do
    if try(:namespace_inheritable, :authentication)
      user_from_namespace_inheritable ||
        user_from_warden
    else
      deploy_token_from_request ||
        find_user_from_bearer_token ||
        find_user_from_job_token ||
        user_from_warden
    end
  end
end