BigW Consortium Gitlab

Commit 4407d3cf by Grzegorz Bizon

Add comment to container registry auth service

Comment explains why we still have authentication without user object there. The legacy authentication mechanism should be removed in 10.0.
parent 313e35e8
......@@ -107,6 +107,11 @@ module Auth
can?(current_user, :read_container_image, requested_project)
end
##
# We still support legacy pipeline triggers which do not have associated
# actor. New permissions model and new triggers are always associated with
# an actor, so this should be improved in 10.0 version of GitLab.
#
def build_can_push?(requested_project)
# Build can push only to the project from which it originates
has_authentication_ability?(:build_create_container_image) &&
......@@ -119,14 +124,11 @@ module Auth
end
def error(code, status:, message: '')
{
errors: [{ code: code, message: message }],
http_status: status
}
{ errors: [{ code: code, message: message }], http_status: status }
end
def has_authentication_ability?(capability)
(@authentication_abilities || []).include?(capability)
@authentication_abilities.to_a.include?(capability)
end
end
end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment