diff options
| author | Kamil Trzciński <ayufan@ayufan.eu> | 2017-11-14 10:54:30 +0000 |
|---|---|---|
| committer | Kamil Trzciński <ayufan@ayufan.eu> | 2017-11-14 10:54:30 +0000 |
| commit | 6b01821b0d7c7c624ab86936a7cadb82b3603630 (patch) | |
| tree | 22027af01434dddcf507a48a9e12d05b86ff4953 /app/controllers | |
| parent | 6b9b516007c8dda88f33e9603a6880e3fc3ff103 (diff) | |
| parent | 8029c92e1c81e4c9ab55704bff82cca5ff893a03 (diff) | |
| download | gitlab-ce-6b01821b0d7c7c624ab86936a7cadb82b3603630.tar.gz | |
Merge branch 'fix/sm/31771-do-not-allow-jobs-to-be-erased-new' into 'master'
Do not allow jobs to be erased
Closes #31771
See merge request gitlab-org/gitlab-ce!15216
Diffstat (limited to 'app/controllers')
| -rw-r--r-- | app/controllers/projects/jobs_controller.rb | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/app/controllers/projects/jobs_controller.rb b/app/controllers/projects/jobs_controller.rb index 1b985ea9763..1c4c09c772f 100644 --- a/app/controllers/projects/jobs_controller.rb +++ b/app/controllers/projects/jobs_controller.rb @@ -4,7 +4,8 @@ class Projects::JobsController < Projects::ApplicationController before_action :authorize_read_build!, only: [:index, :show, :status, :raw, :trace] before_action :authorize_update_build!, - except: [:index, :show, :status, :raw, :trace, :cancel_all] + except: [:index, :show, :status, :raw, :trace, :cancel_all, :erase] + before_action :authorize_erase_build!, only: [:erase] layout 'project' @@ -131,6 +132,10 @@ class Projects::JobsController < Projects::ApplicationController return access_denied! unless can?(current_user, :update_build, build) end + def authorize_erase_build! + return access_denied! unless can?(current_user, :erase_build, build) + end + def build @build ||= project.builds.find(params[:id]) .present(current_user: current_user) |