diff options
author | Timothy Andrew <mail@timothyandrew.net> | 2016-07-27 10:14:38 +0530 |
---|---|---|
committer | Timothy Andrew <mail@timothyandrew.net> | 2016-07-29 15:20:39 +0530 |
commit | 6d841eaadcbccfa4527bd892bf86fc8dbba19455 (patch) | |
tree | 834e0b9de540743816c9d24bfd30c07e6562aaa2 /app/models | |
parent | 01d190a84ad9b8e4a40cbdec8a55946bac38ab76 (diff) | |
download | gitlab-ce-6d841eaadcbccfa4527bd892bf86fc8dbba19455.tar.gz |
Authorize user before creating/updating a protected branch.
1. This is a third line of defence (first in the view, second in the
controller).
2. Duplicate the `API::Helpers.to_boolean` method in `BaseService`. The
other alternative is to `include API::Helpers`, but this brings with it
a number of other methods that might cause conflicts.
3. Return a 403 if authorization fails.
Diffstat (limited to 'app/models')
0 files changed, 0 insertions, 0 deletions