Merge branch 'access-token-api' into 'master'

Refactor access_token usage for API requests This MR refactors GitLab API usage to use either access_token or private_token. It also allows to use access_token when executing GitLab CI API. /cc @vsizov @dzaporozhets See merge request !226

Merge branch 'access-token-api' into 'master'
99d6329a · Kamil Trzciński · f7dbf6d1 · 3534f0bc · 99d6329a · 99d6329a
Commit 99d6329a authored 9 years ago by Kamil Trzciński
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -5,6 +5,8 @@ v7.14.0 (unreleased)
  - Randomize test database for CI tests
  - Make YAML validation stricter
  - Use avatars received from GitLab
+  - Refactor GitLab API usage to use either access_token or private_token depending on what was specified during login
+  - Allow to use access_token for API requests
  
 v7.13.1
  - Fix: user could steal specific runner

--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -79,7 +79,7 @@ class ProjectsController < ApplicationController
  
  def destroy
    project.destroy
-    Network.new.disable_ci(project.gitlab_id, current_user.access_token)
+    Network.new.disable_ci(project.gitlab_id, current_user.authenticate_options)
  
    EventService.new.remove_project(current_user, project)
  

--- a/app/models/network.rb
+++ b/app/models/network.rb
@@ -82,11 +82,15 @@ class Network
    end
  end
  
-  def disable_ci(project_id, access_token)
-    query = "projects/#{project_id}/services/gitlab-ci.json?access_token=#{access_token}"
+  def disable_ci(project_id, api_opts)
+    opts = {
+      query: api_opts
+    }
+
+    query = "projects/#{project_id}/services/gitlab-ci.json"
  
    endpoint = File.join(url, API_PREFIX, query)
-    response = self.class.delete(endpoint, default_opts)
+    response = self.class.delete(endpoint, default_opts.merge(opts))
  
    build_response(response)
  end

--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -87,12 +87,7 @@ ls -la
    end
  
    def from_gitlab(user, scope = :owned, options)
-      opts = if user.access_token
-               { access_token: user.access_token }
-             else
-               { private_token: user.private_token }
-             end
-      
+      opts = user.authenticate_options
      opts.merge! options
  
      projects = Network.new.projects(opts.compact, scope)

--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -60,12 +60,8 @@ class User
  end
  
  def can_manage_project?(project_gitlab_id)
-    opts = {
-      access_token: self.access_token,
-    }
-
    Rails.cache.fetch(cache_key('manage', project_gitlab_id, sync_at)) do
-      !!Network.new.project_hooks(opts, project_gitlab_id)
+      !!Network.new.project_hooks(authenticate_options, project_gitlab_id)
    end
  end
  
@@ -81,15 +77,19 @@ class User
    end
  end
  
+  def authenticate_options
+    if attributes['access_token']
+      { access_token: attributes['access_token'] }
+    else
+      { private_token: attributes['private_token'] }
+    end
+  end
+
  private
  
  def project_info(project_gitlab_id)
-    opts = {
-      access_token: self.access_token,
-    }
-
    Rails.cache.fetch(cache_key("project_info", project_gitlab_id, sync_at)) do
-      Network.new.project(opts, project_gitlab_id)
+      Network.new.project(authenticate_options, project_gitlab_id)
    end
  end
 end
--- a/app/services/create_project_service.rb
+++ b/app/services/create_project_service.rb
@@ -12,13 +12,7 @@ class CreateProjectService
        project_url: project_route.gsub(":project_id", @project.id.to_s),
      }
  
-      auth_opts = if current_user.access_token
-                    { access_token: current_user.access_token }
-                  else
-                    { private_token: current_user.private_token }
-                  end
-
-      unless Network.new.enable_ci(@project.gitlab_id, data, auth_opts)
+      unless Network.new.enable_ci(@project.gitlab_id, data, current_user.authenticate_options)
        raise ActiveRecord::Rollback
      end
    end

--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -2,14 +2,17 @@ module API
  module Helpers
    PRIVATE_TOKEN_PARAM = :private_token
    PRIVATE_TOKEN_HEADER = "HTTP_PRIVATE_TOKEN"
+    ACCESS_TOKEN_PARAM = :access_token
+    ACCESS_TOKEN_HEADER = "HTTP_ACCESS_TOKEN"
    UPDATE_RUNNER_EVERY = 60
  
    def current_user
      @current_user ||= begin
        options = {
-          private_token: (params[PRIVATE_TOKEN_PARAM] || env[PRIVATE_TOKEN_HEADER])
+          access_token: (params[ACCESS_TOKEN_PARAM] || env[ACCESS_TOKEN_HEADER]),
+          private_token: (params[PRIVATE_TOKEN_PARAM] || env[PRIVATE_TOKEN_HEADER]),
        }
-        UserSession.new.authenticate(options)
+        UserSession.new.authenticate(options.compact)
      end
    end