summaryrefslogtreecommitdiff
path: root/app/controllers/projects/pipeline_schedules_controller.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/projects/pipeline_schedules_controller.rb')
-rw-r--r--app/controllers/projects/pipeline_schedules_controller.rb7
1 files changed, 6 insertions, 1 deletions
diff --git a/app/controllers/projects/pipeline_schedules_controller.rb b/app/controllers/projects/pipeline_schedules_controller.rb
index ac94cc001dd..f6171403667 100644
--- a/app/controllers/projects/pipeline_schedules_controller.rb
+++ b/app/controllers/projects/pipeline_schedules_controller.rb
@@ -7,7 +7,8 @@ class Projects::PipelineSchedulesController < Projects::ApplicationController
before_action :authorize_play_pipeline_schedule!, only: [:play]
before_action :authorize_read_pipeline_schedule!
before_action :authorize_create_pipeline_schedule!, only: [:new, :create]
- before_action :authorize_update_pipeline_schedule!, except: [:index, :new, :create, :play]
+ before_action :authorize_update_pipeline_schedule!, only: [:edit, :update]
+ before_action :authorize_take_ownership_pipeline_schedule!, only: [:take_ownership]
before_action :authorize_admin_pipeline_schedule!, only: [:destroy]
feature_category :continuous_integration
@@ -108,6 +109,10 @@ class Projects::PipelineSchedulesController < Projects::ApplicationController
return access_denied! unless can?(current_user, :update_pipeline_schedule, schedule)
end
+ def authorize_take_ownership_pipeline_schedule!
+ return access_denied! unless can?(current_user, :take_ownership_pipeline_schedule, schedule)
+ end
+
def authorize_admin_pipeline_schedule!
return access_denied! unless can?(current_user, :admin_pipeline_schedule, schedule)
end
View Lorry Controller Status