Module: API::APIGuard::HelperMethods
- Includes:
- Gitlab::Auth::AuthFinders
- Defined in:
- lib/api/api_guard.rb
Overview
Helper Methods for Grape Endpoint
Constant Summary
Constants included from Gitlab::Auth::AuthFinders
Gitlab::Auth::AuthFinders::DEPLOY_TOKEN_HEADER, Gitlab::Auth::AuthFinders::JOB_TOKEN_HEADER, Gitlab::Auth::AuthFinders::JOB_TOKEN_PARAM, Gitlab::Auth::AuthFinders::PRIVATE_TOKEN_HEADER, Gitlab::Auth::AuthFinders::PRIVATE_TOKEN_PARAM, Gitlab::Auth::AuthFinders::RUNNER_JOB_TOKEN_PARAM, Gitlab::Auth::AuthFinders::RUNNER_TOKEN_PARAM
Instance Method Summary collapse
Methods included from Gitlab::Auth::AuthFinders
#cluster_agent_token_from_authorization_token, #deploy_token_from_request, #find_runner_from_token, #find_user_from_access_token, #find_user_from_basic_auth_job, #find_user_from_bearer_token, #find_user_from_feed_token, #find_user_from_job_token, #find_user_from_static_object_token, #find_user_from_warden, #find_user_from_web_access_token, #validate_access_token!
Methods included from Gitlab::Utils::StrongMemoize
#clear_memoization, #strong_memoize, #strong_memoized?
Instance Method Details
#access_token ⇒ Object
49 50 51 |
# File 'lib/api/api_guard.rb', line 49 def access_token super || find_personal_access_token_from_http_basic_auth end |
#find_current_user! ⇒ Object
53 54 55 56 57 58 59 60 61 62 63 64 65 |
# File 'lib/api/api_guard.rb', line 53 def find_current_user! user = find_user_from_sources return unless user # Sessions are enforced to be unavailable for API calls, so ignore them for admin mode Gitlab::Auth::CurrentUserMode.bypass_session!(user.id) if Feature.enabled?(:user_mode_in_session) unless api_access_allowed?(user) forbidden!((user)) end user end |
#find_user_from_sources ⇒ Object
67 68 69 70 71 72 73 74 |
# File 'lib/api/api_guard.rb', line 67 def find_user_from_sources strong_memoize(:find_user_from_sources) do deploy_token_from_request || find_user_from_bearer_token || find_user_from_job_token || user_from_warden end end |