gitlab-org--gitlab-foss/lib/gitlab/bitbucket_import/key_deleter.rb
Stan Hu ed1d4fa477 Remove user OAuth tokens stored in database for Bitbucket, GitHub, and GitLab
and request them each session. Pass these tokens to the project import data.

This prevents the need to encrypt these tokens and clear them in case they
expire or get revoked.

For example, if you deleted and re-created OAuth2 keys for Bitbucket, you would get
an Error 500 with no way to recover:

```
Started GET "/import/bitbucket/status" for x.x.x.x at 2015-08-07 05:24:10 +0000
Processing by Import::BitbucketController#status as HTML
Completed 500 Internal Server Error in 607ms (ActiveRecord: 2.3ms)

NameError (uninitialized constant Import::BitbucketController::Unauthorized):
  app/controllers/import/bitbucket_controller.rb:77:in `rescue in go_to_bitbucket_for_permissions'
  app/controllers/import/bitbucket_controller.rb:74:in `go_to_bitbucket_for_permissions'
  app/controllers/import/bitbucket_controller.rb:86:in `bitbucket_unauthorized'
```

Closes #1871
2015-08-23 09:23:44 -07:00

26 lines
712 B
Ruby

module Gitlab
module BitbucketImport
class KeyDeleter
attr_reader :project, :current_user, :client
def initialize(project)
@project = project
@current_user = project.creator
import_data = project.import_data.try(:data)
bb_session = import_data["bb_session"] if import_data
@client = Client.new(bb_session["bitbucket_access_token"],
bb_session["bitbucket_access_token_secret"])
end
def execute
return false unless BitbucketImport.public_key.present?
client.delete_deploy_key(project.import_source, BitbucketImport.public_key)
true
rescue
false
end
end
end
end