diff options
| author | Sean McGivern <sean@mcgivern.me.uk> | 2017-03-13 11:04:33 +0000 |
|---|---|---|
| committer | Sean McGivern <sean@mcgivern.me.uk> | 2017-03-13 11:04:33 +0000 |
| commit | d1df36e3864967f65f662c1367d3bdfe993beadd (patch) | |
| tree | 09cdc737f73baa94ae9b1e47100e9f8aa96ec4a5 /lib/api/helpers.rb | |
| parent | f49868adf1a2ea24815d432640cd0d996e0d87a0 (diff) | |
| parent | 90e11fb272cd30e7e61be16d862830f2b69a624a (diff) | |
| download | gitlab-ce-d1df36e3864967f65f662c1367d3bdfe993beadd.tar.gz | |
Merge branch 'refactor/global-permissions-for-internal-users' into 'master'
Refactor/global permissions for internal users
See merge request !9598
Diffstat (limited to 'lib/api/helpers.rb')
| -rw-r--r-- | lib/api/helpers.rb | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index a9b364da9e1..bd22b82476b 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -97,7 +97,7 @@ module API end def authenticate! - unauthorized! unless current_user + unauthorized! unless current_user && can?(current_user, :access_api) end def authenticate_non_get! @@ -116,7 +116,7 @@ module API forbidden! unless current_user.is_admin? end - def authorize!(action, subject = nil) + def authorize!(action, subject = :global) forbidden! unless can?(current_user, action, subject) end @@ -134,7 +134,7 @@ module API end end - def can?(object, action, subject) + def can?(object, action, subject = :global) Ability.allowed?(object, action, subject) end |