diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2019-11-07 18:06:21 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2019-11-07 18:06:21 +0000 |
| commit | d8ccc7a00b7a1ea954263170a2044257424a2cfe (patch) | |
| tree | 0a29cb558aae61795da47c82ce7e87983c5dc4af /app/controllers/application_controller.rb | |
| parent | 90a06a20be61bb6d48d77746091492831153e075 (diff) | |
| download | gitlab-ce-d8ccc7a00b7a1ea954263170a2044257424a2cfe.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/controllers/application_controller.rb')
| -rw-r--r-- | app/controllers/application_controller.rb | 22 |
1 files changed, 10 insertions, 12 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index af2869ddba7..1311c745da3 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -17,14 +17,14 @@ class ApplicationController < ActionController::Base include Gitlab::Tracking::ControllerConcern include Gitlab::Experimentation::ControllerConcern - before_action :authenticate_user!, except: [:route_not_found] + before_action :authenticate_user! before_action :enforce_terms!, if: :should_enforce_terms? before_action :validate_user_service_ticket! - before_action :check_password_expiration + before_action :check_password_expiration, if: :html_request? before_action :ldap_security_check before_action :sentry_context before_action :default_headers - before_action :add_gon_variables, unless: [:peek_request?, :json_request?] + before_action :add_gon_variables, if: :html_request? before_action :configure_permitted_parameters, if: :devise_controller? before_action :require_email, unless: :devise_controller? before_action :active_user_check, unless: :devise_controller? @@ -95,13 +95,11 @@ class ApplicationController < ActionController::Base end def route_not_found - if current_user - not_found - else - store_location_for(:user, request.fullpath) unless request.xhr? + # We need to call #authenticate_user! here because sometimes this is called from another action + # and not from our wildcard fallback route + authenticate_user! - redirect_to new_user_session_path, alert: I18n.t('devise.failure.unauthenticated') - end + not_found end def render(*args) @@ -451,8 +449,8 @@ class ApplicationController < ActionController::Base response.headers['Page-Title'] = URI.escape(page_title('GitLab')) end - def peek_request? - request.path.start_with?('/-/peek') + def html_request? + request.format.html? end def json_request? @@ -462,7 +460,7 @@ class ApplicationController < ActionController::Base def should_enforce_terms? return false unless Gitlab::CurrentSettings.current_application_settings.enforce_terms - !(peek_request? || devise_controller?) + html_request? && !devise_controller? end def set_usage_stats_consent_flag |