Fixes for Geo API and whitelisted it on the readonly middleware

lib/api/api.rb

@@ -27,6 +27,7 @@ module API
 
     helpers Helpers
 
+    mount Geo
     mount Groups
     mount GroupMembers
     mount Users

lib/api/geo.rb

@@ -10,9 +10,8 @@ module API
       # Example request:
       #   POST /refresh_projects
       post 'refresh_projects' do
-        attrs = attributes_for_keys [:projects]
-
-        Geo::ScheduleRepoUpdateService.new(attrs[:projects]).execute
+        required_attributes! [:projects]
+        ::Geo::ScheduleRepoUpdateService.new(params[:projects]).execute
       end
     end
   end

lib/gitlab/middleware/readonly_geo.rb

@@ -25,7 +25,7 @@ module Gitlab
       private
 
       def disallowed_request?
-        DISALLOWED_METHODS.include?(@env['REQUEST_METHOD']) && !logout_route
+        DISALLOWED_METHODS.include?(@env['REQUEST_METHOD']) && !whitelisted_routes
       end
 
       def rack_flash
@@ -48,6 +48,10 @@ module Gitlab
         @route_hash ||= Rails.application.routes.recognize_path(request.url, { method: request.request_method }) rescue {}
       end
 
+      def whitelisted_routes
+        logout_route || @request.path.include?('api/v3/geo/refresh_projects')
+      end
+
       def logout_route
         route_hash[:controller] == 'sessions' && route_hash[:action] == 'destroy'
       end