From a9765fb47fbbd1e1070434fc06cc76b25a42caa6 Mon Sep 17 00:00:00 2001
From: Lin Jen-Shin <godfat@godfat.org>
Date: Wed, 16 Nov 2016 20:31:08 +0800
Subject: [PATCH] Introduce has_access_to? so that we could reuse it

Feedback:
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/7383#note_18439108
---
 app/helpers/projects_helper.rb | 4 ++--
 app/models/deploy_key.rb       | 6 +++++-
 app/models/user.rb             | 4 ++++
 lib/gitlab/auth/result.rb      | 3 +--
 lib/gitlab/git_access.rb       | 2 +-
 5 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/app/helpers/projects_helper.rb b/app/helpers/projects_helper.rb
index 42c00ec3cd5..5b08fc78cfc 100644
--- a/app/helpers/projects_helper.rb
+++ b/app/helpers/projects_helper.rb
@@ -93,10 +93,10 @@ module ProjectsHelper
   end
 
   def project_for_deploy_key(deploy_key)
-    if deploy_key.projects.include?(@project)
+    if deploy_key.has_access_to?(@project)
       @project
     else
-      deploy_key.projects.find { |project| can?(current_user, :read_project, project) }
+      deploy_key.projects.find(&current_user.method(:has_access_to?))
     end
   end
 
diff --git a/app/models/deploy_key.rb b/app/models/deploy_key.rb
index 503398f5cca..aaacbd28470 100644
--- a/app/models/deploy_key.rb
+++ b/app/models/deploy_key.rb
@@ -21,7 +21,11 @@ class DeployKey < Key
     self.private?
   end
 
+  def has_access_to?(project)
+    projects.include?(project)
+  end
+
   def can_push_to?(project)
-    can_push? && projects.include?(project)
+    can_push? && has_access_to?(project)
   end
 end
diff --git a/app/models/user.rb b/app/models/user.rb
index 3813df6684e..0e96ad88638 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -501,6 +501,10 @@ class User < ActiveRecord::Base
     several_namespaces? || admin
   end
 
+  def has_access_to?(project)
+    can?(:read_project, project)
+  end
+
   def can?(action, subject)
     Ability.allowed?(self, action, subject)
   end
diff --git a/lib/gitlab/auth/result.rb b/lib/gitlab/auth/result.rb
index 6be7f690676..39b86c61a18 100644
--- a/lib/gitlab/auth/result.rb
+++ b/lib/gitlab/auth/result.rb
@@ -9,8 +9,7 @@ module Gitlab
 
       def lfs_deploy_token?(for_project)
         type == :lfs_deploy_token &&
-          actor &&
-          actor.projects.include?(for_project)
+          actor.try(:has_access_to?, for_project)
       end
 
       def success?
diff --git a/lib/gitlab/git_access.rb b/lib/gitlab/git_access.rb
index 19bdfc878b1..a7ad944e79e 100644
--- a/lib/gitlab/git_access.rb
+++ b/lib/gitlab/git_access.rb
@@ -161,7 +161,7 @@ module Gitlab
 
     def can_read_project?
       if deploy_key
-        project.public? || deploy_key.projects.include?(project)
+        project.public? || deploy_key.has_access_to?(project)
       elsif user
         user_access.can_read_project?
       else
-- 
GitLab