diff options
author | Grzegorz Bizon <grzesiek.bizon@gmail.com> | 2016-03-24 08:09:39 +0100 |
---|---|---|
committer | Grzegorz Bizon <grzesiek.bizon@gmail.com> | 2016-03-25 10:42:00 +0100 |
commit | 6f894bec097a4cfa378cee908d81f3cba67a09e5 (patch) | |
tree | 21220ce4f879ee2408e94530b7c8f0eb2a3c8fd1 | |
parent | 63c8a05bf7f18ac4093ece1f08b4b5fd8dba5fac (diff) | |
download | gitlab-ce-6f894bec097a4cfa378cee908d81f3cba67a09e5.tar.gz |
Add definition of before action that has been moved
Closes #14528
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | app/controllers/ci/projects_controller.rb | 6 | ||||
-rw-r--r-- | spec/controllers/ci/projects_controller_spec.rb | 10 |
3 files changed, 16 insertions, 1 deletions
diff --git a/CHANGELOG b/CHANGELOG index 5d9f4961ef5..7c3727a6896 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -7,6 +7,7 @@ v 8.7.0 (unreleased) v 8.6.2 (unreleased) - Comments on confidential issues don't show up in activity feed to non-members + - Fix NoMethodError when visiting CI root path at `/ci` v 8.6.1 - Add option to reload the schema before restoring a database backup. !2807 diff --git a/app/controllers/ci/projects_controller.rb b/app/controllers/ci/projects_controller.rb index 081e01a75e0..c0e7f434ff5 100644 --- a/app/controllers/ci/projects_controller.rb +++ b/app/controllers/ci/projects_controller.rb @@ -1,8 +1,8 @@ module Ci class ProjectsController < Ci::ApplicationController before_action :project - before_action :authorize_read_project!, except: [:badge] before_action :no_cache, only: [:badge] + before_action :authorize_read_project!, except: [:badge, :index] skip_before_action :authenticate_user!, only: [:badge] protect_from_forgery @@ -35,5 +35,9 @@ module Ci response.headers["Pragma"] = "no-cache" response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT" end + + def authorize_read_project! + return access_denied! unless can?(current_user, :read_project, project) + end end end diff --git a/spec/controllers/ci/projects_controller_spec.rb b/spec/controllers/ci/projects_controller_spec.rb index db0748f323f..9a886e4c124 100644 --- a/spec/controllers/ci/projects_controller_spec.rb +++ b/spec/controllers/ci/projects_controller_spec.rb @@ -5,6 +5,16 @@ describe Ci::ProjectsController do let!(:project) { create(:project, visibility, ci_id: 1) } let(:ci_id) { project.ci_id } + describe '#index' do + let(:user) { create(:user) } + before { sign_in(user) } + before { get(:index) } + + it 'returns 200' do + expect(response.status).to eq 200 + end + end + ## # Specs for *deprecated* CI badge # |