diff options
author | Vinnie Okada <vokada@mrvinn.com> | 2015-03-07 12:47:06 -0700 |
---|---|---|
committer | Vinnie Okada <vokada@mrvinn.com> | 2015-03-08 17:57:08 -0600 |
commit | 928fc94c3d900069902b097d6464acee712a886c (patch) | |
tree | e30cbea42055c082e76881bd36ccd94f72afac8e /app/controllers/projects | |
parent | 285c5341855f8af6cbea5e964e3104a4698fa450 (diff) | |
download | gitlab-ce-928fc94c3d900069902b097d6464acee712a886c.tar.gz |
Enforce restricted visibilities for snippets
Add new service classes to create and update project and personal
snippets. These classes are responsible for enforcing restricted
visibility settings for non-admin users.
Diffstat (limited to 'app/controllers/projects')
-rw-r--r-- | app/controllers/projects/snippets_controller.rb | 24 |
1 files changed, 10 insertions, 14 deletions
diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb index 6c250e4ffed..ed268400373 100644 --- a/app/controllers/projects/snippets_controller.rb +++ b/app/controllers/projects/snippets_controller.rb @@ -28,26 +28,22 @@ class Projects::SnippetsController < Projects::ApplicationController end def create - @snippet = @project.snippets.build(snippet_params) - @snippet.author = current_user - - if @snippet.save - redirect_to namespace_project_snippet_path(@project.namespace, @project, - @snippet) - else - respond_with(@snippet) - end + @snippet = CreateSnippetService.new(@project, current_user, + snippet_params).execute + respond_with(@snippet, + location: namespace_project_snippet_path(@project.namespace, + @project, @snippet)) end def edit end def update - if @snippet.update_attributes(snippet_params) - redirect_to namespace_project_snippet_path(@project.namespace, @project, @snippet) - else - respond_with(@snippet) - end + UpdateSnippetService.new(project, current_user, @snippet, + snippet_params).execute + respond_with(@snippet, + location: namespace_project_snippet_path(@project.namespace, + @project, @snippet)) end def show |