Add latest changes from gitlab-org/gitlab@13-5-stable-eev13.5.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2020-10-21 07:08:36 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2020-10-21 07:08:36 +0000
commit: 48aff82709769b098321c738f3444b9bdaa694c6 (patch)
tree: e00c7c43e2d9b603a5a6af576b1685e400410dee /lib/api/project_snippets.rb
parent: 879f5329ee916a948223f8f43d77fba4da6cd028 (diff)
download: gitlab-ce-48aff82709769b098321c738f3444b9bdaa694c6.tar.gz
1 files changed, 12 insertions, 2 deletions
diff --git a/lib/api/project_snippets.rb b/lib/api/project_snippets.rb
index f6e87fece89..b4de260fe49 100644
--- a/lib/api/project_snippets.rb
+++ b/lib/api/project_snippets.rb
@@ -1,10 +1,9 @@
 # frozen_string_literal: true
 
 module API
-  class ProjectSnippets < Grape::API::Instance
+  class ProjectSnippets < ::API::Base
     include PaginationParams
 
-    before { authenticate! }
     before { check_snippets_enabled }
 
     params do
@@ -37,6 +36,8 @@ module API
         use :pagination
       end
       get ":id/snippets" do
+        authenticate!
+
         present paginate(snippets_for_current_user), with: Entities::ProjectSnippet, current_user: current_user
       end
 
@@ -48,6 +49,9 @@ module API
       end
       get ":id/snippets/:snippet_id" do
         snippet = snippets_for_current_user.find(params[:snippet_id])
+
+        not_found!('Snippet') unless snippet
+
         present snippet, with: Entities::ProjectSnippet, current_user: current_user
       end
 
@@ -63,6 +67,8 @@ module API
         use :create_file_params
       end
       post ":id/snippets" do
+        authenticate!
+
         authorize! :create_snippet, user_project
 
         snippet_params = process_create_params(declared_params(include_missing: false))
@@ -97,6 +103,8 @@ module API
       end
       # rubocop: disable CodeReuse/ActiveRecord
       put ":id/snippets/:snippet_id" do
+        authenticate!
+
         snippet = snippets_for_current_user.find_by(id: params.delete(:snippet_id))
         not_found!('Snippet') unless snippet
 
@@ -125,6 +133,8 @@ module API
       end
       # rubocop: disable CodeReuse/ActiveRecord
       delete ":id/snippets/:snippet_id" do
+        authenticate!
+
         snippet = snippets_for_current_user.find_by(id: params[:snippet_id])
         not_found!('Snippet') unless snippet
author	GitLab Bot <gitlab-bot@gitlab.com>	2020-10-21 07:08:36 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2020-10-21 07:08:36 +0000
commit	48aff82709769b098321c738f3444b9bdaa694c6 (patch)
tree	e00c7c43e2d9b603a5a6af576b1685e400410dee /lib/api/project_snippets.rb
parent	879f5329ee916a948223f8f43d77fba4da6cd028 (diff)
download	gitlab-ce-48aff82709769b098321c738f3444b9bdaa694c6.tar.gz