Add direct upload support for personal snippets

author: Jan Provaznik <jprovaznik@gitlab.com> 2019-07-09 20:51:42 +0200
committer: Jan Provaznik <jprovaznik@gitlab.com> 2019-08-23 11:19:14 +0200
commit: 41d52bbfe9725a93013ea6b072efcdc16e591b14 (patch)
tree: b8ab973e0173fd61f32f17f19c47476b1638c40d /app/controllers/uploads_controller.rb
parent: 36a729f05f1b9c2b3935b9d121b8fe3172ce5cc1 (diff)
download: gitlab-ce-41d52bbfe9725a93013ea6b072efcdc16e591b14.tar.gz
1 files changed, 4 insertions, 2 deletions
diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb
index 94bd18f70d4..2adfeab182e 100644
--- a/app/controllers/uploads_controller.rb
+++ b/app/controllers/uploads_controller.rb
@@ -2,6 +2,7 @@
 
 class UploadsController < ApplicationController
   include UploadsActions
+  include WorkhorseRequest
 
   UnknownUploadModelError = Class.new(StandardError)
 
@@ -21,7 +22,8 @@ class UploadsController < ApplicationController
   before_action :upload_mount_satisfied?
   before_action :find_model
   before_action :authorize_access!, only: [:show]
-  before_action :authorize_create_access!, only: [:create]
+  before_action :authorize_create_access!, only: [:create, :authorize]
+  before_action :verify_workhorse_api!, only: [:authorize]
 
   def uploader_class
     PersonalFileUploader
@@ -72,7 +74,7 @@ class UploadsController < ApplicationController
   end
 
   def render_unauthorized
-    if current_user
+    if current_user || workhorse_authorize_request?
       render_404
     else
       authenticate_user!
author	Jan Provaznik <jprovaznik@gitlab.com>	2019-07-09 20:51:42 +0200
committer	Jan Provaznik <jprovaznik@gitlab.com>	2019-08-23 11:19:14 +0200
commit	41d52bbfe9725a93013ea6b072efcdc16e591b14 (patch)
tree	b8ab973e0173fd61f32f17f19c47476b1638c40d /app/controllers/uploads_controller.rb
parent	36a729f05f1b9c2b3935b9d121b8fe3172ce5cc1 (diff)
download	gitlab-ce-41d52bbfe9725a93013ea6b072efcdc16e591b14.tar.gz