Fix API Scoping
What does this MR do?
- API scopes are declared in
- This causes subtle ordering bugs, since
beforeblocks in parent classes are run before those in child classes
- Description of exact bug: https://gitlab.com/gitlab-org/gitlab-ce/issues/33580#note_32969050
- This MR attempts to fix this by moving declared scopes to the class level, so something like
Are there points in the code the reviewer needs to double check?
- Any downsides to storing
@scopesat the class level?
- Is it worth making each scope a class, rather than a hash?
- Any edge cases I haven't considered?
- Closes #33580 (closed)
- Closes #33022 (closed)
- Related EE merge request: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/2338
- Move scope declarations to the class level
Allow conditions like
Make sure the declarations run only once.
@scopesmust not grow with every request.
Test all endpoints calling out to
- Personal access tokens
- Doorkeeper tokens
- Access token validation service
- Test all endpoints calling out to
- CHANGELOG entry created
- API support added
Branch has no merge conflicts with
- Squashed related commits together
- Check for clean merge with EE
- Wait for merge