Refactored handling of the `LfsToken` and added functionality to it to simplify external code.

c25630ee · Patricio Cano · 48f1a61f · c25630ee · c25630ee · c25630ee
Commit c25630ee authored Aug 30, 2016 by Patricio Cano
5 changed files
--- a/app/helpers/lfs_helper.rb
+++ b/app/helpers/lfs_helper.rb
@@ -25,9 +25,7 @@ module LfsHelper
  def lfs_download_access?
    return false unless project.lfs_enabled?
-    return true if project.public?
+    return true if project.public? || ci? || lfs_deploy_key?
-    return true if ci?
-    return true if lfs_deploy_key?
    (user && user.can?(:download_code, project))
  end

--- a/lib/api/internal.rb
+++ b/lib/api/internal.rb
@@ -80,16 +80,18 @@ module API
        key = Key.find(params[:key_id])
        user = key.user
-        if user
+        token_handler =
-          token = Gitlab::LfsToken.new(user).generate
+          if user
-          response = { username: user.username, lfs_token: token }
+            Gitlab::LfsToken.new(user)
-        else
+          else
-          token = Gitlab::LfsToken.new(key).generate
+            Gitlab::LfsToken.new(key)
-          response = { username: "lfs-deploy-key-#{key.id}", lfs_token: token }
+          end
-        end
-        response[:repository_http_path] = project.http_url_to_repo
+        {
-        response
+          username: token_handler.actor_name,
+          lfs_token: token_handler.generate,
+          repository_http_path: project.http_url_to_repo
+        }
      end
      get "/merge_request_urls" do

--- a/lib/gitlab/auth.rb
+++ b/lib/gitlab/auth.rb
@@ -117,15 +117,16 @@ module Gitlab
      end
      def lfs_token_check(login, password)
-        if login.include?('lfs-deploy-key')
+        actor =
-          key = DeployKey.find(login.gsub('lfs-deploy-key-', ''))
+          if login.include?('lfs-deploy-key')
-          token = Gitlab::LfsToken.new(key).value
+            DeployKey.find(login.gsub('lfs-deploy-key-', ''))
-          Result.new(key, :lfs_deploy_token) if key && token == password
+          else
-        else
+            User.by_login(login)
-          user = User.by_login(login)
+          end
-          token = Gitlab::LfsToken.new(user).value
-          Result.new(user, :lfs_token) if user && token == password
+        token_handler = Gitlab::LfsToken.new(actor)
-        end
+        Result.new(actor, token_handler.type) if actor && token_handler.value == password
      end
    end
  end

--- a/lib/gitlab/lfs_token.rb
+++ b/lib/gitlab/lfs_token.rb
@@ -22,6 +22,14 @@ module Gitlab
      end
    end
+    def type
+      actor.is_a?(User) ? :lfs_token : :lfs_deploy_token
+    end
+    def actor_name
+      actor.is_a?(User) ? actor.username : "lfs-deploy-key-#{actor.id}"
+    end
    private
    def redis_key

--- a/spec/lib/gitlab/lfs_token_spec.rb
+++ b/spec/lib/gitlab/lfs_token_spec.rb
@@ -23,6 +23,14 @@ describe Gitlab::LfsToken, lib: true do
      let(:handler) { described_class.new(actor) }
      it_behaves_like 'an LFS token generator'
+      it 'returns the correct username' do
+        expect(handler.actor_name).to eq(actor.username)
+      end
+      it 'returns the correct token type' do
+        expect(handler.type).to eq(:lfs_token)
+      end
    end
    context 'when the actor is a deploy key' do
@@ -30,6 +38,14 @@ describe Gitlab::LfsToken, lib: true do
      let(:handler) { described_class.new(actor) }
      it_behaves_like 'an LFS token generator'
+      it 'returns the correct username' do
+        expect(handler.actor_name).to eq("lfs-deploy-key-#{actor.id}")
+      end
+      it 'returns the correct token type' do
+        expect(handler.type).to eq(:lfs_deploy_token)
+      end
    end
  end
 end