diff options
| author | Sean McGivern <sean@gitlab.com> | 2018-10-24 10:14:16 +0100 |
|---|---|---|
| committer | Sean McGivern <sean@gitlab.com> | 2018-10-26 14:11:32 +0100 |
| commit | ac4d838a0a5ba5c0a9428d5a8041666008af21d8 (patch) | |
| tree | 4a2667c0df23bf3470b6948c80c2d9c1b7d4f597 | |
| parent | 02268a85be615877b9080a8c931ad93ae73ef2e2 (diff) | |
| download | gitlab-ce-extract-ee-specific-lines-for-issues-and-mr-controllers.tar.gz | |
Extract EE-specific lines from MRs controllerextract-ee-specific-lines-for-issues-and-mr-controllers
Move access checks to their own method so they can be overridden, and
port an EE-only method to exist in CE too, with an EE-specific override.
| -rw-r--r-- | app/controllers/projects/merge_requests_controller.rb | 14 | ||||
| -rw-r--r-- | app/services/merge_requests/merge_service.rb | 5 |
2 files changed, 18 insertions, 1 deletions
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 757b03d0b0e..94cd4f1fe9a 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -168,7 +168,9 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo end def merge - return access_denied! unless @merge_request.can_be_merged_by?(current_user) + access_check_result = merge_access_check + + return access_check_result if access_check_result status = merge! @@ -256,6 +258,12 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo return :failed end + merge_service = ::MergeRequests::MergeService.new(@project, current_user, merge_params) + + unless merge_service.hooks_validation_pass?(@merge_request) + return :hook_validation_error + end + return :sha_mismatch if params[:sha] != @merge_request.diff_head_sha @merge_request.update(merge_error: nil, squash: merge_params.fetch(:squash, false)) @@ -318,6 +326,10 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo access_denied! unless access_check end + def merge_access_check + access_denied! unless @merge_request.can_be_merged_by?(current_user) + end + def whitelist_query_limiting # Also see https://gitlab.com/gitlab-org/gitlab-ce/issues/42441 Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42438') diff --git a/app/services/merge_requests/merge_service.rb b/app/services/merge_requests/merge_service.rb index fb44f809c41..70a67baa01c 100644 --- a/app/services/merge_requests/merge_service.rb +++ b/app/services/merge_requests/merge_service.rb @@ -49,6 +49,11 @@ module MergeRequests end end + # Overridden in EE. + def hooks_validation_pass?(_merge_request) + true + end + private def error_check! |