diff options
| author | Douglas Barbosa Alexandre <dbalexandre@gmail.com> | 2016-10-11 14:39:32 -0300 |
|---|---|---|
| committer | Douglas Barbosa Alexandre <dbalexandre@gmail.com> | 2016-10-19 14:58:26 -0200 |
| commit | 504682db9e2dd99fe827940ac18d5ea8030ae49c (patch) | |
| tree | 0d161a46e06decba48e520a4bdcbe548bf6efbc9 | |
| parent | 933ebb8f9b289cc077e4d16fd62e1e7b04bc10de (diff) | |
| download | gitlab-ce-504682db9e2dd99fe827940ac18d5ea8030ae49c.tar.gz | |
Limit what label fields we expose on Dashboard::LabelsController#index
| -rw-r--r-- | app/controllers/dashboard/labels_controller.rb | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/app/controllers/dashboard/labels_controller.rb b/app/controllers/dashboard/labels_controller.rb index 05f7bc37952..d5031da867a 100644 --- a/app/controllers/dashboard/labels_controller.rb +++ b/app/controllers/dashboard/labels_controller.rb @@ -1,7 +1,9 @@ class Dashboard::LabelsController < Dashboard::ApplicationController def index + labels = LabelsFinder.new(current_user).execute + respond_to do |format| - format.json { render json: LabelsFinder.new(current_user).execute } + format.json { render json: labels.as_json(only: [:id, :title, :color]) } end end end |