summaryrefslogtreecommitdiff
path: root/lib/api/triggers.rb
diff options
context:
space:
mode:
authorKamil Trzcinski <ayufan@ayufan.eu>2016-02-01 23:58:04 +0100
committerKamil Trzcinski <ayufan@ayufan.eu>2016-02-02 09:18:08 +0100
commit055afab5c7d33d061d339c270bd258ed847450f3 (patch)
treee72ba0bc495456f3f106d23576810cec4238af21 /lib/api/triggers.rb
parent7df149bb63c91792fb958db87b24bb120463a49e (diff)
downloadgitlab-ce-055afab5c7d33d061d339c270bd258ed847450f3.tar.gz
Make the CI permission model simpler
This MR simplifies CI permission model: - read_build: allows to read a list of builds, artifacts and trace - update_build: allows to cancel and retry builds - create_build: allows to create builds from gitlab-ci.yml (not yet implemented) - admin_build: allows to manage triggers, runners and variables - read_commit_status: allows to read a list of commit statuses (including the overall of builds) - create_commit_status: allows to create a new commit status using API Remove all extra methods to manage permission. Made all controllers to use explicitly the new permissions.
Diffstat (limited to 'lib/api/triggers.rb')
-rw-r--r--lib/api/triggers.rb8
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/api/triggers.rb b/lib/api/triggers.rb
index 5e4964f446c..d1d07394e92 100644
--- a/lib/api/triggers.rb
+++ b/lib/api/triggers.rb
@@ -54,7 +54,7 @@ module API
# GET /projects/:id/triggers
get ':id/triggers' do
authenticate!
- authorize_admin_project
+ authorize! :admin_build, user_project
triggers = user_project.triggers.includes(:trigger_requests)
triggers = paginate(triggers)
@@ -71,7 +71,7 @@ module API
# GET /projects/:id/triggers/:token
get ':id/triggers/:token' do
authenticate!
- authorize_admin_project
+ authorize! :admin_build, user_project
trigger = user_project.triggers.find_by(token: params[:token].to_s)
return not_found!('Trigger') unless trigger
@@ -87,7 +87,7 @@ module API
# POST /projects/:id/triggers
post ':id/triggers' do
authenticate!
- authorize_admin_project
+ authorize! :admin_build, user_project
trigger = user_project.triggers.create
@@ -103,7 +103,7 @@ module API
# DELETE /projects/:id/triggers/:token
delete ':id/triggers/:token' do
authenticate!
- authorize_admin_project
+ authorize! :admin_build, user_project
trigger = user_project.triggers.find_by(token: params[:token].to_s)
return not_found!('Trigger') unless trigger