2020-07-28 23:09:34 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
|
|
module API
|
|
|
|
|
module Helpers
|
|
|
|
|
module Packages
|
|
|
|
|
module BasicAuthHelpers
|
2020-10-24 23:57:45 +05:30
|
|
|
extend ::Gitlab::Utils::Override
|
|
|
|
|
|
2020-07-28 23:09:34 +05:30
|
|
|
module Constants
|
2021-02-22 17:27:13 +05:30
|
|
|
AUTHENTICATE_REALM_HEADER = 'WWW-Authenticate'
|
|
|
|
|
AUTHENTICATE_REALM_NAME = 'Basic realm="GitLab Packages Registry"'
|
2020-07-28 23:09:34 +05:30
|
|
|
end
|
|
|
|
|
|
|
|
|
|
include Constants
|
|
|
|
|
|
|
|
|
|
def unauthorized_user_project
|
|
|
|
|
@unauthorized_user_project ||= find_project(params[:id])
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def unauthorized_user_project!
|
|
|
|
|
unauthorized_user_project || not_found!
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def authorized_user_project
|
|
|
|
|
@authorized_user_project ||= authorized_project_find!
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def authorized_project_find!
|
|
|
|
|
project = unauthorized_user_project
|
|
|
|
|
|
|
|
|
|
unless project && can?(current_user, :read_project, project)
|
|
|
|
|
return unauthorized_or! { not_found! }
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
project
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def authorize!(action, subject = :global, reason = nil)
|
|
|
|
|
return if can?(current_user, action, subject)
|
|
|
|
|
|
|
|
|
|
unauthorized_or! { forbidden!(reason) }
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def unauthorized_or!
|
2020-10-24 23:57:45 +05:30
|
|
|
current_user ? yield : unauthorized!
|
2020-07-28 23:09:34 +05:30
|
|
|
end
|
|
|
|
|
|
2020-10-24 23:57:45 +05:30
|
|
|
override :unauthorized!
|
|
|
|
|
def unauthorized!
|
2020-07-28 23:09:34 +05:30
|
|
|
header(AUTHENTICATE_REALM_HEADER, AUTHENTICATE_REALM_NAME)
|
2020-10-24 23:57:45 +05:30
|
|
|
super
|
2020-07-28 23:09:34 +05:30
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
