diff options
author | http://jneen.net/ <jneen@jneen.net> | 2016-08-18 16:12:32 -0700 |
---|---|---|
committer | http://jneen.net/ <jneen@jneen.net> | 2016-08-23 17:59:38 -0700 |
commit | 8023ac8ccc293e0e70266b36b99b44d32dbea8ea (patch) | |
tree | a8b71b8607bec3c501660d30d79d5a338afa7d73 | |
parent | 5fc733b25a00790f756d3edf6aad56a5027fb1de (diff) | |
download | gitlab-ce-8023ac8ccc293e0e70266b36b99b44d32dbea8ea.tar.gz |
use a nil subject when we want to check global abilities
-rw-r--r-- | lib/api/groups.rb | 2 | ||||
-rw-r--r-- | lib/api/helpers.rb | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/lib/api/groups.rb b/lib/api/groups.rb index 9d8b8d737a9..f981ec0dbfe 100644 --- a/lib/api/groups.rb +++ b/lib/api/groups.rb @@ -30,7 +30,7 @@ module API # Example Request: # POST /groups post do - authorize! :create_group, current_user + authorize! :create_group required_attributes! [:name, :path] attrs = attributes_for_keys [:name, :path, :description, :visibility_level] diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 8f735376bc6..a0b9a490ea8 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -129,7 +129,7 @@ module API forbidden! unless current_user.is_admin? end - def authorize!(action, subject) + def authorize!(action, subject = nil) forbidden! unless can?(current_user, action, subject) end |