diff options
author | Kamil Trzcinski <ayufan@ayufan.eu> | 2015-10-23 11:41:22 +0200 |
---|---|---|
committer | Kamil Trzcinski <ayufan@ayufan.eu> | 2015-10-23 16:25:22 +0200 |
commit | 6b7d01d9ff1846350e43a9ca7f42fe0a613a2b9d (patch) | |
tree | 44a815b142e8f5f6663bbbb65fd405d476c9af95 | |
parent | f855755999ca7aa9eab6b066fc3fadf25e7cc236 (diff) | |
download | gitlab-ce-6b7d01d9ff1846350e43a9ca7f42fe0a613a2b9d.tar.gz |
Allow developer to manage builds
-rw-r--r-- | app/controllers/ci/application_controller.rb | 8 | ||||
-rw-r--r-- | app/controllers/projects/builds_controller.rb | 8 | ||||
-rw-r--r-- | app/controllers/projects/commit_controller.rb | 11 |
3 files changed, 17 insertions, 10 deletions
diff --git a/app/controllers/ci/application_controller.rb b/app/controllers/ci/application_controller.rb index 9be470660e6..848f2b4e314 100644 --- a/app/controllers/ci/application_controller.rb +++ b/app/controllers/ci/application_controller.rb @@ -8,14 +8,6 @@ module Ci private - def authenticate_public_page! - unless project.public - authenticate_user! - - return access_denied! unless can?(current_user, :read_project, gl_project) - end - end - def authenticate_token! unless project.valid_token?(params[:token]) return head(403) diff --git a/app/controllers/projects/builds_controller.rb b/app/controllers/projects/builds_controller.rb index ad0adc17866..7d72e0b951b 100644 --- a/app/controllers/projects/builds_controller.rb +++ b/app/controllers/projects/builds_controller.rb @@ -2,7 +2,7 @@ class Projects::BuildsController < Projects::ApplicationController before_action :ci_project before_action :build, except: [:index, :cancel_all] - before_action :authorize_admin_project!, except: [:index, :show, :status] + before_action :authorize_manage_builds!, except: [:index, :show, :status] layout "project" @@ -74,4 +74,10 @@ class Projects::BuildsController < Projects::ApplicationController def build_path(build) namespace_project_build_path(build.gl_project.namespace, build.gl_project, build) end + + def authorize_manage_builds! + unless can?(current_user, :manage_builds, project) + return page_404 + end + end end diff --git a/app/controllers/projects/commit_controller.rb b/app/controllers/projects/commit_controller.rb index 7886f3c6deb..878c3a66e7d 100644 --- a/app/controllers/projects/commit_controller.rb +++ b/app/controllers/projects/commit_controller.rb @@ -4,7 +4,8 @@ class Projects::CommitController < Projects::ApplicationController # Authorize before_action :require_non_empty_project - before_action :authorize_download_code! + before_action :authorize_download_code!, except: [:cancel_builds] + before_action :authorize_manage_builds!, only: [:cancel_builds] before_action :commit def show @@ -55,4 +56,12 @@ class Projects::CommitController < Projects::ApplicationController def commit @commit ||= @project.commit(params[:id]) end + + private + + def authorize_manage_builds! + unless can?(current_user, :manage_builds, project) + return page_404 + end + end end |