Combine `API::Helpers::Core` and `API::Helpers::Authentication` back into `API::Helpers`

- Makes the MR easier to read; this can go in a separate MR - This is a (sort of) revert of 99bea01

Combine `API::Helpers::Core` and `API::Helpers::Authentication` back into `API::Helpers`
b22a47c6 · Timothy Andrew · fc4bce75 · b22a47c6 · b22a47c6 · fc4bce75
Commit b22a47c6 authored Apr 25, 2016 by Timothy Andrew
6 changed files
--- a/lib/api/api.rb
+++ b/lib/api/api.rb
 Dir["#{Rails.root}/lib/api/*.rb"].each {|file| require file}
-Dir["#{Rails.root}/lib/api/helpers/*.rb"].each {|file| require file}

 module API
  class API < Grape::API
@@ -26,8 +25,7 @@ module API
    format :json
    content_type :txt, "text/plain"

-    helpers Helpers::Core
-    helpers Helpers::Authentication
+    helpers Helpers

    mount Groups
    mount GroupMembers

--- a/lib/api/helpers/core.rb
+++ b/lib/api/helpers/core.rb
--- a/lib/api/helpers/authentication.rb
+++ b/lib/api/helpers/authentication.rb
-module API
-  module Helpers
-    module Authentication
-      PRIVATE_TOKEN_HEADER = "HTTP_PRIVATE_TOKEN"
-      PRIVATE_TOKEN_PARAM = :private_token
-      SUDO_HEADER ="HTTP_SUDO"
-      SUDO_PARAM = :sudo
-      PERSONAL_ACCESS_TOKEN_PARAM = :personal_access_token
-      PERSONAL_ACCESS_TOKEN_HEADER = "HTTP_PERSONAL_ACCESS_TOKEN"
-
-      def find_user_by_private_token
-        private_token = (params[PRIVATE_TOKEN_PARAM] || env[PRIVATE_TOKEN_HEADER]).to_s
-        User.find_by_authentication_token(private_token)
-      end
-
-      def find_user_by_personal_access_token
-        personal_access_token_string = (params[PERSONAL_ACCESS_TOKEN_PARAM] || env[PERSONAL_ACCESS_TOKEN_HEADER]).to_s
-        personal_access_token = PersonalAccessToken.active.find_by_token(personal_access_token_string)
-        personal_access_token.user if personal_access_token
-      end
-
-      def current_user
-        @current_user ||= (find_user_by_private_token || find_user_by_personal_access_token || doorkeeper_guard)
-
-        unless @current_user && Gitlab::UserAccess.allowed?(@current_user)
-          return nil
-        end
-
-        identifier = sudo_identifier()
-
-        # If the sudo is the current user do nothing
-        if identifier && !(@current_user.id == identifier || @current_user.username == identifier)
-          render_api_error!('403 Forbidden: Must be admin to use sudo', 403) unless @current_user.is_admin?
-          @current_user = User.by_username_or_id(identifier)
-          not_found!("No user id or username for: #{identifier}") if @current_user.nil?
-        end
-
-        @current_user
-      end
-
-      def sudo_identifier()
-        identifier ||= params[SUDO_PARAM] || env[SUDO_HEADER]
-
-        # Regex for integers
-        if !!(identifier =~ /\A[0-9]+\z/)
-          identifier.to_i
-        else
-          identifier
-        end
-      end
-    end
-  end
-end
--- a/lib/ci/api/api.rb
+++ b/lib/ci/api/api.rb
@@ -28,8 +28,7 @@ module Ci
      format :json

      helpers ::Ci::API::Helpers
-      helpers ::API::Helpers::Core
-      helpers ::API::Helpers::Authentication
+      helpers ::API::Helpers
      helpers Gitlab::CurrentSettings

      mount Builds

--- a/spec/requests/api/api_authentication_spec.rb
+++ b/spec/requests/api/api_authentication_spec.rb
 require 'spec_helper'

-describe API::Helpers::Authentication, api: true do
+describe API::Helpers, api: true do

-  include API::Helpers::Authentication
+  include API::Helpers
  include ApiHelpers

  let(:user) { create(:user) }
@@ -15,25 +15,25 @@ describe API::Helpers::Authentication, api: true do
  def set_env(token_usr, identifier)
    clear_env
    clear_param
-    env[API::Helpers::Authentication::PRIVATE_TOKEN_HEADER] = token_usr.private_token
-    env[API::Helpers::Authentication::SUDO_HEADER] = identifier
+    env[API::Helpers::PRIVATE_TOKEN_HEADER] = token_usr.private_token
+    env[API::Helpers::SUDO_HEADER] = identifier
  end

  def set_param(token_usr, identifier)
    clear_env
    clear_param
-    params[API::Helpers::Authentication::PRIVATE_TOKEN_PARAM] = token_usr.private_token
-    params[API::Helpers::Authentication::SUDO_PARAM] = identifier
+    params[API::Helpers::PRIVATE_TOKEN_PARAM] = token_usr.private_token
+    params[API::Helpers::SUDO_PARAM] = identifier
  end

  def clear_env
-    env.delete(API::Helpers::Authentication::PRIVATE_TOKEN_HEADER)
-    env.delete(API::Helpers::Authentication::SUDO_HEADER)
+    env.delete(API::Helpers::PRIVATE_TOKEN_HEADER)
+    env.delete(API::Helpers::SUDO_HEADER)
  end

  def clear_param
-    params.delete(API::Helpers::Authentication::PRIVATE_TOKEN_PARAM)
-    params.delete(API::Helpers::Authentication::SUDO_PARAM)
+    params.delete(API::Helpers::PRIVATE_TOKEN_PARAM)
+    params.delete(API::Helpers::SUDO_PARAM)
  end

  def error!(message, status)
@@ -43,22 +43,22 @@ describe API::Helpers::Authentication, api: true do
  describe ".current_user" do
    describe "when authenticating using a user's private token" do
      it "should return nil for an invalid token" do
-        env[API::Helpers::Authentication::PRIVATE_TOKEN_HEADER] = 'invalid token'
+        env[API::Helpers::PRIVATE_TOKEN_HEADER] = 'invalid token'
        allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
        expect(current_user).to be_nil
      end

      it "should return nil for a user without access" do
-        env[API::Helpers::Authentication::PRIVATE_TOKEN_HEADER] = user.private_token
+        env[API::Helpers::PRIVATE_TOKEN_HEADER] = user.private_token
        allow(Gitlab::UserAccess).to receive(:allowed?).and_return(false)
        expect(current_user).to be_nil
      end

      it "should leave user as is when sudo not specified" do
-        env[API::Helpers::Authentication::PRIVATE_TOKEN_HEADER] = user.private_token
+        env[API::Helpers::PRIVATE_TOKEN_HEADER] = user.private_token
        expect(current_user).to eq(user)
        clear_env
-        params[API::Helpers::Authentication::PRIVATE_TOKEN_PARAM] = user.private_token
+        params[API::Helpers::PRIVATE_TOKEN_PARAM] = user.private_token
        expect(current_user).to eq(user)
      end
    end
@@ -67,35 +67,35 @@ describe API::Helpers::Authentication, api: true do
      let(:personal_access_token) { create(:personal_access_token, user: user) }

      it "should return nil for an invalid token" do
-        env[API::Helpers::Authentication::PERSONAL_ACCESS_TOKEN_HEADER] = 'invalid token'
+        env[API::Helpers::PERSONAL_ACCESS_TOKEN_HEADER] = 'invalid token'
        allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
        expect(current_user).to be_nil
      end

      it "should return nil for a user without access" do
-        env[API::Helpers::Authentication::PERSONAL_ACCESS_TOKEN_HEADER] = personal_access_token.token
+        env[API::Helpers::PERSONAL_ACCESS_TOKEN_HEADER] = personal_access_token.token
        allow(Gitlab::UserAccess).to receive(:allowed?).and_return(false)
        expect(current_user).to be_nil
      end

      it "should leave user as is when sudo not specified" do
-        env[API::Helpers::Authentication::PERSONAL_ACCESS_TOKEN_HEADER] = personal_access_token.token
+        env[API::Helpers::PERSONAL_ACCESS_TOKEN_HEADER] = personal_access_token.token
        expect(current_user).to eq(user)
        clear_env
-        params[API::Helpers::Authentication::PERSONAL_ACCESS_TOKEN_PARAM] = personal_access_token.token
+        params[API::Helpers::PERSONAL_ACCESS_TOKEN_PARAM] = personal_access_token.token
        expect(current_user).to eq(user)
      end

      it 'does not allow revoked tokens' do
        personal_access_token.revoke!
-        env[API::Helpers::Authentication::PERSONAL_ACCESS_TOKEN_HEADER] = personal_access_token.token
+        env[API::Helpers::PERSONAL_ACCESS_TOKEN_HEADER] = personal_access_token.token
        allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
        expect(current_user).to be_nil
      end

      it 'does not allow expired tokens' do
        personal_access_token.update_attributes!(expires_at: 1.day.ago)
-        env[API::Helpers::Authentication::PERSONAL_ACCESS_TOKEN_HEADER] = personal_access_token.token
+        env[API::Helpers::PERSONAL_ACCESS_TOKEN_HEADER] = personal_access_token.token
        allow_any_instance_of(self.class).to receive(:doorkeeper_guard){ false }
        expect(current_user).to be_nil
      end

--- a/spec/requests/api/users_spec.rb
+++ b/spec/requests/api/users_spec.rb
@@ -24,7 +24,7 @@ describe API::API, api: true  do
      context "when public level is restricted" do
        before do
          stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
-          allow_any_instance_of(API::Helpers::Authentication).to receive(:authenticate!).and_return(true)
+          allow_any_instance_of(API::Helpers).to receive(:authenticate!).and_return(true)
        end

        it "renders 403" do