Fix job token authentication in EE

9c83df70 · Grzegorz Bizon · 2ed6b736 · 9c83df70
Commit 9c83df70 authored Dec 07, 2018 by Grzegorz Bizon
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 3 deletions

ee/lib/ee/gitlab/auth/user_auth_finders.rb ee/lib/ee/gitlab/auth/user_auth_finders.rb +1 -3

No files found.
--- a/ee/lib/ee/gitlab/auth/user_auth_finders.rb
+++ b/ee/lib/ee/gitlab/auth/user_auth_finders.rb
@@ -7,21 +7,19 @@ module EE
        JOB_TOKEN_HEADER = "HTTP_JOB_TOKEN".freeze
        JOB_TOKEN_PARAM = :job_token

-        # rubocop: disable CodeReuse/ActiveRecord
        def find_user_from_job_token
          return unless route_authentication_setting[:job_token_allowed]

          token = (params[JOB_TOKEN_PARAM] || env[JOB_TOKEN_HEADER]).to_s
          return unless token.present?

-          job = ::Ci::Build.find_by(token: token)
+          job = ::Ci::Build.find_by_token(token)
          raise ::Gitlab::Auth::UnauthorizedError unless job

          @job_token_authentication = true # rubocop:disable Gitlab/ModuleWithInstanceVariables

          job.user
        end
-        # rubocop: enable CodeReuse/ActiveRecord
      end
    end
  end