summaryrefslogtreecommitdiff
path: root/app/controllers/projects_controller.rb
diff options
context:
space:
mode:
authorHan Loong Liauw <hanloongliauw@gmail.com>2015-10-14 09:04:22 +1100
committerHan Loong Liauw <hanloongliauw@gmail.com>2015-10-14 20:19:41 +1100
commit0bea5ced8bf4c9306f8f8e912313731a43d16f4c (patch)
tree59c92b92d21fc88d14c4e838c613b0caae38de79 /app/controllers/projects_controller.rb
parent520d85099ff34882d865c3fa885a7f3335b41cb2 (diff)
downloadgitlab-ce-0bea5ced8bf4c9306f8f8e912313731a43d16f4c.tar.gz
Made suggested content changes based on MR Review
Changed the authentication method for removing fork through API Reflected changes to new auth method in API specs
Diffstat (limited to 'app/controllers/projects_controller.rb')
-rw-r--r--app/controllers/projects_controller.rb6
1 files changed, 5 insertions, 1 deletions
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index 1fb83d0eb6d..77b3af9a5d0 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -5,7 +5,7 @@ class ProjectsController < ApplicationController
before_action :repository, except: [:new, :create]
# Authorize
- before_action :authorize_admin_project!, only: [:edit, :update, :destroy, :transfer, :archive, :unarchive, :remove_fork]
+ before_action :authorize_admin_project!, only: [:edit, :update]
before_action :event_filter, only: [:show, :activity]
layout :determine_layout
@@ -56,6 +56,8 @@ class ProjectsController < ApplicationController
end
def transfer
+ return access_denied! unless can?(current_user, :change_namespace, @project)
+
namespace = Namespace.find_by(id: params[:new_namespace_id])
::Projects::TransferService.new(project, current_user).execute(namespace)
@@ -65,6 +67,8 @@ class ProjectsController < ApplicationController
end
def remove_fork
+ return access_denied! unless can?(current_user, :remove_fork_project, @project)
+
if @project.forked?
@project.forked_project_link.destroy
flash[:notice] = 'Fork relationship has been removed.'
View Lorry Controller Status