diff --git a/lib/gitlab/email/handler/create_issue.rb b/lib/gitlab/email/handler/create_issue.rb index 8829fbb0e49..72d49ec6c96 100644 --- a/lib/gitlab/email/handler/create_issue.rb +++ b/lib/gitlab/email/handler/create_issue.rb @@ -11,7 +11,6 @@ module Gitlab def execute validate_permission!(:create_issue) - validate_authentication_token! verify_record( create_issue, @@ -21,10 +20,7 @@ module Gitlab end def author - @author ||= mail.from.find do |email| - user = User.find_by_any_email(email) - break user if user - end + @author ||= User.find_by(authentication_token: authentication_token) end def project @@ -48,11 +44,6 @@ module Gitlab description: message ).execute end - - def validate_authentication_token! - raise UserNotAuthorizedError unless author.authentication_token == - authentication_token - end end end end diff --git a/spec/lib/gitlab/email/receiver_spec.rb b/spec/lib/gitlab/email/receiver_spec.rb index e892da7bb46..a9e2be0ad47 100644 --- a/spec/lib/gitlab/email/receiver_spec.rb +++ b/spec/lib/gitlab/email/receiver_spec.rb @@ -224,11 +224,11 @@ describe Gitlab::Email::Receiver, lib: true do end end - context "when the authentication_token token didn't match" do + context "when we can't find the authentication_token" do let!(:email_raw) { fixture_file("emails/wrong_authentication_token.eml") } - it "raises an UserNotAuthorizedError" do - expect { receiver.execute }.to raise_error(Gitlab::Email::UserNotAuthorizedError) + it "raises an UserNotFoundError" do + expect { receiver.execute }.to raise_error(Gitlab::Email::UserNotFoundError) end end