Commit graph

17 commits

Author SHA1 Message Date
James Edwards-Jones
69b9a879a1 TokenAuthenticatable allows non-unique tokens
Avoids needing an index to repeatedly check that
the token doesn't already exist when saving.
2018-10-31 17:28:42 +00:00
Imre Farkas
b9652d8e4d [master] Persist only SHA digest of PersonalAccessToken#token 2018-10-29 16:06:45 +00:00
gfyoung
15b878e27e Enable more frozen string in app/models/**/*.rb
Partially addresses #47424.
2018-08-07 00:37:36 -07:00
Toon Claes
d13669716a Create idea of read-only database
In GitLab EE, a GitLab instance can be read-only (e.g. when it's a Geo
secondary node). But in GitLab CE it also might be useful to have the
"read-only" idea around. So port it back to GitLab CE.

Also having the principle of read-only in GitLab CE would hopefully
lead to less errors introduced, doing write operations when there
aren't allowed for read-only calls.

Closes gitlab-org/gitlab-ce#37534.
2017-10-06 22:37:40 +02:00
Brian Neel
9770c57fab Re-enable SqlInjection and CommandInjection 2017-08-08 10:50:54 -04:00
DJ Mountney
fb5f7733f1 Allow users to seed the initial runner registration token using an environment variable
This is useful for when runner is bundled with gitlab, like in a kubernetes stack, and we want the runner to be able to
register with gitlab as soon as they both come up.
2016-12-01 17:21:21 -08:00
Douwe Maan
9d51421346 Use separate email-friendly token for incoming email and let incoming
email token be reset
2016-11-07 15:55:42 +00:00
Grzegorz Bizon
d6f6697744 Enable Rubocop cops for invalid access modifiers
This enables following cops:

Check for useless access modifiers

  Lint/UselessAccessModifier

Checks for attempts to use `private` or `protected` to set the
visibility of a class method, which does not work.

  Lint/IneffectiveAccessModifier

This also disables two false possitives in concerns.
2016-07-19 15:12:15 +02:00
Grzegorz Bizon
c0ebfea6ba Fix some useless access modifiers in the code 2016-07-19 14:16:54 +02:00
Grzegorz Bizon
3e6950481a Use method that creates runners registration token
`runners_registration_token` now creates a new token if it is blank.
2015-12-23 11:45:17 +01:00
Grzegorz Bizon
37731ba1a1 Add method that persist ensured token in TokenAuthenticatable 2015-12-23 10:47:18 +01:00
Grzegorz Bizon
76f7e80455 Fix method that ensures authentication token
Until now, `ensure_#{token_filed_name}` method didn't persist new token in database.

This closes #4235.
2015-12-23 09:37:01 +01:00
Gabriel Mazetto
b5291f9599 Fixed Rubocop offenses 2015-12-15 00:53:52 -02:00
Grzegorz Bizon
917effb737 Make sure that token ensure_* method always returns a token 2015-12-11 14:39:51 +01:00
Grzegorz Bizon
d90d3db32b Use save! when generating new token in TokenAuthenticatable 2015-12-11 10:39:39 +01:00
Grzegorz Bizon
9948e5bcdd Refactor TokenAuthenticatable to improve reusability
This adds a ability to use multiple different authentication token
fields in other models. From now on it is necessary to add
authentication token field manually in each class that implements this
mixin.
2015-12-11 10:39:39 +01:00
Marin Jankovski
4024aa8e81 Try to keep token authenticable compatibility 2014-07-09 14:42:25 +02:00