diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-17 11:59:07 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-12-17 11:59:07 +0000 |
| commit | 8b573c94895dc0ac0e1d9d59cf3e8745e8b539ca (patch) | |
| tree | 544930fb309b30317ae9797a9683768705d664c4 /app/controllers/projects/jobs_controller.rb | |
| parent | 4b1de649d0168371549608993deac953eb692019 (diff) | |
| download | gitlab-ce-8b573c94895dc0ac0e1d9d59cf3e8745e8b539ca.tar.gz | |
Add latest changes from gitlab-org/gitlab@13-7-stable-eev13.7.0-rc42
Diffstat (limited to 'app/controllers/projects/jobs_controller.rb')
| -rw-r--r-- | app/controllers/projects/jobs_controller.rb | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/app/controllers/projects/jobs_controller.rb b/app/controllers/projects/jobs_controller.rb index 07e38c80291..900ebc61856 100644 --- a/app/controllers/projects/jobs_controller.rb +++ b/app/controllers/projects/jobs_controller.rb @@ -6,6 +6,7 @@ class Projects::JobsController < Projects::ApplicationController before_action :find_job_as_build, except: [:index, :play] before_action :find_job_as_processable, only: [:play] + before_action :authorize_read_build_trace!, only: [:trace, :raw] before_action :authorize_read_build! before_action :authorize_update_build!, except: [:index, :show, :status, :raw, :trace, :erase] @@ -14,8 +15,8 @@ class Projects::JobsController < Projects::ApplicationController before_action :verify_api_request!, only: :terminal_websocket_authorize before_action :authorize_create_proxy_build!, only: :proxy_websocket_authorize before_action :verify_proxy_request!, only: :proxy_websocket_authorize - before_action do - push_frontend_feature_flag(:ci_job_line_links, @project) + before_action only: :index do + frontend_experimentation_tracking_data(:jobs_empty_state, 'click_button') end layout 'project' @@ -157,6 +158,18 @@ class Projects::JobsController < Projects::ApplicationController private + def authorize_read_build_trace! + return if can?(current_user, :read_build_trace, @build) + + msg = _( + "You must have developer or higher permissions in the associated project to view job logs when debug trace is enabled. To disable debug trace, set the 'CI_DEBUG_TRACE' variable to 'false' in your pipeline configuration or CI/CD settings. " \ + "If you need to view this job log, a project maintainer must add you to the project with developer permissions or higher." + ) + return access_denied!(msg) if @build.debug_mode? + + access_denied!(_('The current user is not authorized to access the job log.')) + end + def authorize_update_build! return access_denied! unless can?(current_user, :update_build, @build) end @@ -204,11 +217,7 @@ class Projects::JobsController < Projects::ApplicationController end def find_job_as_processable - if ::Gitlab::Ci::Features.manual_bridges_enabled?(project) - @build = project.processables.find(params[:id]) - else - find_job_as_build - end + @build = project.processables.find(params[:id]) end def build_path(build) |