diff options
author | Robert Speicher <robert@gitlab.com> | 2018-01-05 17:53:31 +0000 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2018-01-16 17:04:38 -0800 |
commit | 8f4b06137577f868ffaa41d10c27aa1e763bc825 (patch) | |
tree | 26729d296b21930b17b1730292ac7d4ea59c9cc4 /app/controllers/projects/milestones_controller.rb | |
parent | 6846b70dd499f5aeee6936b3f9604fe42cafe87a (diff) | |
download | gitlab-ce-8f4b06137577f868ffaa41d10c27aa1e763bc825.tar.gz |
Merge branch 'milestones-finder-order-fix' into 'security-10-3'
Remove order param from the MilestoneFinder
See merge request gitlab/gitlabhq!2259
(cherry picked from commit 14408042e78f2ebc2644f956621b461dbfa3d36d)
155881e7 Remove order param from the MilestoneFinder
Diffstat (limited to 'app/controllers/projects/milestones_controller.rb')
-rw-r--r-- | app/controllers/projects/milestones_controller.rb | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/app/controllers/projects/milestones_controller.rb b/app/controllers/projects/milestones_controller.rb index 980bbf699b6..0f70efbce40 100644 --- a/app/controllers/projects/milestones_controller.rb +++ b/app/controllers/projects/milestones_controller.rb @@ -92,12 +92,6 @@ class Projects::MilestonesController < Projects::ApplicationController def milestones @milestones ||= begin - if @project.group && can?(current_user, :read_group, @project.group) - group = @project.group - end - - search_params = params.merge(project_ids: @project.id, group_ids: group&.id) - MilestonesFinder.new(search_params).execute end end @@ -113,4 +107,12 @@ class Projects::MilestonesController < Projects::ApplicationController def milestone_params params.require(:milestone).permit(:title, :description, :start_date, :due_date, :state_event) end + + def search_params + if @project.group && can?(current_user, :read_group, @project.group) + group = @project.group + end + + params.permit(:state).merge(project_ids: @project.id, group_ids: group&.id) + end end |