diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-26 15:41:13 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-26 15:41:13 +0000 |
commit | 1e61fc763e645038f2da69fc9af6fe166a6b101a (patch) | |
tree | 76053795a637d056347c1891d98935c0361a331d /app/controllers | |
parent | 57b9b49b27a730294ae37d2ac25cab943f4b801d (diff) | |
download | gitlab-ce-1e61fc763e645038f2da69fc9af6fe166a6b101a.tar.gz |
Add latest changes from gitlab-org/security/gitlab@13-0-stable-ee
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/projects/deploy_keys_controller.rb | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/app/controllers/projects/deploy_keys_controller.rb b/app/controllers/projects/deploy_keys_controller.rb index 761225e897f..4f4adaea56e 100644 --- a/app/controllers/projects/deploy_keys_controller.rb +++ b/app/controllers/projects/deploy_keys_controller.rb @@ -37,6 +37,8 @@ class Projects::DeployKeysController < Projects::ApplicationController end def update + access_denied! unless deploy_key + if deploy_key.update(update_params) flash[:notice] = _('Deploy key was successfully updated.') redirect_to_repository @@ -85,10 +87,12 @@ class Projects::DeployKeysController < Projects::ApplicationController end def update_params - permitted_params = [deploy_keys_projects_attributes: [:id, :can_push]] + permitted_params = [deploy_keys_projects_attributes: [:can_push]] permitted_params << :title if can?(current_user, :update_deploy_key, deploy_key) - params.require(:deploy_key).permit(*permitted_params) + key_update_params = params.require(:deploy_key).permit(*permitted_params) + key_update_params.dig(:deploy_keys_projects_attributes, '0')&.merge!(id: deploy_keys_project.id) + key_update_params end def authorize_update_deploy_key! |