Enforce restricted visibilities for snippets

Add new service classes to create and update project and personal
snippets.  These classes are responsible for enforcing restricted
visibility settings for non-admin users.

1 files changed, 3 insertions, 3 deletions

diff --git a/app/services/update_snippet_service.rb b/app/services/update_snippet_service.rb
index b7a719f2526..9d181c2d2ab 100644
--- a/app/services/update_snippet_service.rb
+++ b/app/services/update_snippet_service.rb
@@ -1,7 +1,7 @@
 class UpdateSnippetService < BaseService
   attr_accessor :snippet
 
-  def initialize(project = nil, user, snippet, params = {})
+  def initialize(project, user, snippet, params)
     super(project, user, params)
     @snippet = snippet
   end
@@ -9,10 +9,10 @@ class UpdateSnippetService < BaseService
   def execute
     # check that user is allowed to set specified visibility_level
     new_visibility = params[:visibility_level]
-    if new_visibility && new_visibility != snippet.visibility_level
+    if new_visibility && new_visibility.to_i != snippet.visibility_level
       unless can?(current_user, :change_visibility_level, snippet) &&
         Gitlab::VisibilityLevel.allowed_for?(current_user, new_visibility)
-        deny_visibility_level(snippet, new_visibility_level)
+        deny_visibility_level(snippet, new_visibility)
         return snippet
       end
     end