diff options
| author | Sean McGivern <sean@gitlab.com> | 2017-02-06 12:17:26 +0000 |
|---|---|---|
| committer | Sean McGivern <sean@gitlab.com> | 2017-02-06 12:17:26 +0000 |
| commit | a08bbcbc4417baf0316e77501b44e5db6d75fe9a (patch) | |
| tree | 7a0cdcc765d1d0ffdcd3aedf541621b784b8036d | |
| parent | 572fb0be9b1d45437b7c0ed1000399657f471ec7 (diff) | |
| download | gitlab-ce-snippet-spam-fix.tar.gz | |
Don't render snippet actions for logged-out userssnippet-spam-fix
| -rw-r--r-- | app/views/projects/snippets/_actions.html.haml | 2 | ||||
| -rw-r--r-- | app/views/snippets/_actions.html.haml | 46 |
2 files changed, 25 insertions, 23 deletions
diff --git a/app/views/projects/snippets/_actions.html.haml b/app/views/projects/snippets/_actions.html.haml index e2a5107a883..dde2e2b644d 100644 --- a/app/views/projects/snippets/_actions.html.haml +++ b/app/views/projects/snippets/_actions.html.haml @@ -1,3 +1,5 @@ +- return unless current_user + .hidden-xs - if can?(current_user, :update_project_snippet, @snippet) = link_to edit_namespace_project_snippet_path(@project.namespace, @project, @snippet), class: "btn btn-grouped" do diff --git a/app/views/snippets/_actions.html.haml b/app/views/snippets/_actions.html.haml index 9a9a3ff9220..855a995afa9 100644 --- a/app/views/snippets/_actions.html.haml +++ b/app/views/snippets/_actions.html.haml @@ -1,3 +1,5 @@ +- return unless current_user + .hidden-xs - if can?(current_user, :update_personal_snippet, @snippet) = link_to edit_snippet_path(@snippet), class: "btn btn-grouped" do @@ -5,29 +7,27 @@ - if can?(current_user, :admin_personal_snippet, @snippet) = link_to snippet_path(@snippet), method: :delete, data: { confirm: "Are you sure?" }, class: "btn btn-grouped btn-inverted btn-remove", title: 'Delete Snippet' do Delete - - if current_user - = link_to new_snippet_path, class: "btn btn-grouped btn-inverted btn-create", title: "New snippet" do - New snippet + = link_to new_snippet_path, class: "btn btn-grouped btn-inverted btn-create", title: "New snippet" do + New snippet - if @snippet.submittable_as_spam? && current_user.admin? = link_to 'Submit as spam', mark_as_spam_snippet_path(@snippet), method: :post, class: 'btn btn-grouped btn-spam', title: 'Submit as spam' -- if current_user - .visible-xs-block.dropdown - %button.btn.btn-default.btn-block.append-bottom-0.prepend-top-5{ data: { toggle: "dropdown" } } - Options - = icon('caret-down') - .dropdown-menu.dropdown-menu-full-width - %ul +.visible-xs-block.dropdown + %button.btn.btn-default.btn-block.append-bottom-0.prepend-top-5{ data: { toggle: "dropdown" } } + Options + = icon('caret-down') + .dropdown-menu.dropdown-menu-full-width + %ul + %li + = link_to new_snippet_path, title: "New snippet" do + New snippet + - if can?(current_user, :admin_personal_snippet, @snippet) %li - = link_to new_snippet_path, title: "New snippet" do - New snippet - - if can?(current_user, :admin_personal_snippet, @snippet) - %li - = link_to snippet_path(@snippet), method: :delete, data: { confirm: "Are you sure?" }, title: 'Delete Snippet' do - Delete - - if can?(current_user, :update_personal_snippet, @snippet) - %li - = link_to edit_snippet_path(@snippet) do - Edit - - if @snippet.submittable_as_spam? && current_user.admin? - %li - = link_to 'Submit as spam', mark_as_spam_snippet_path(@snippet), method: :post + = link_to snippet_path(@snippet), method: :delete, data: { confirm: "Are you sure?" }, title: 'Delete Snippet' do + Delete + - if can?(current_user, :update_personal_snippet, @snippet) + %li + = link_to edit_snippet_path(@snippet) do + Edit + - if @snippet.submittable_as_spam? && current_user.admin? + %li + = link_to 'Submit as spam', mark_as_spam_snippet_path(@snippet), method: :post |