Refactor LfsRequest - Follow-up from "Fix Git-over-HTTP rejections"

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

The LfsRequest controller concern used to have a lot of similarities with Projects::GitHttpController. Projects::GitHttpController was refactored to put all of the responsibility for authorization in GitAccess.

We should do the same for LfsRequest for the DRY principle. Particularly because we risk being inconsistent with authorization rules.

---

This came out of the following discussion from gitlab-ce!11398:

• @DouweM started a discussion: (+3 comments)

  Refactoring LfsRequest in a similar way to this controller seems like a good idea, but it can be a separate MR.