-
- Downloads
Prevent Deploy Tokens from accessing resources
This commit prevents it from access when the repository is disabled
Showing
- app/services/auth/container_registry_authentication_service.rb 1 addition, 0 deletions...ervices/auth/container_registry_authentication_service.rb
- changelogs/unreleased/security-deploy-token-can-read-disabled-repo.yml 5 additions, 0 deletions...released/security-deploy-token-can-read-disabled-repo.yml
- lib/gitlab/auth.rb 2 additions, 0 deletionslib/gitlab/auth.rb
- spec/lib/gitlab/auth_spec.rb 12 additions, 3 deletionsspec/lib/gitlab/auth_spec.rb
- spec/services/auth/container_registry_authentication_service_spec.rb 13 additions, 0 deletions...es/auth/container_registry_authentication_service_spec.rb