summaryrefslogtreecommitdiff
path: root/app/controllers/projects/application_controller.rb
diff options
context:
space:
mode:
authorGrzegorz Bizon <grzesiek.bizon@gmail.com>2017-05-05 13:24:07 +0200
committerGrzegorz Bizon <grzesiek.bizon@gmail.com>2017-05-05 14:04:45 +0200
commit61dd92aaff822759941bb224de9f45bfc5f7cc9b (patch)
tree5420994b4c32e9707a74739dd586f7a12c5c36c8 /app/controllers/projects/application_controller.rb
parent936367538043854c7b093b71ca315b8e469c55a4 (diff)
downloadgitlab-ce-61dd92aaff822759941bb224de9f45bfc5f7cc9b.tar.gz
Authorize build update on per object basis
Diffstat (limited to 'app/controllers/projects/application_controller.rb')
-rw-r--r--app/controllers/projects/application_controller.rb8
1 files changed, 5 insertions, 3 deletions
diff --git a/app/controllers/projects/application_controller.rb b/app/controllers/projects/application_controller.rb
index 89f1128ec36..afed0ac05a0 100644
--- a/app/controllers/projects/application_controller.rb
+++ b/app/controllers/projects/application_controller.rb
@@ -55,13 +55,15 @@ class Projects::ApplicationController < ApplicationController
(current_user && current_user.already_forked?(project))
end
- def authorize_project!(action)
- return access_denied! unless can?(current_user, action, project)
+ def authorize_action!(action)
+ unless can?(current_user, action, project)
+ return access_denied!
+ end
end
def method_missing(method_sym, *arguments, &block)
if method_sym.to_s =~ /\Aauthorize_(.*)!\z/
- authorize_project!($1.to_sym)
+ authorize_action!($1.to_sym)
else
super
end
View Lorry Controller Status