summaryrefslogtreecommitdiff
path: root/app/controllers/projects/releases_controller.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/projects/releases_controller.rb')
-rw-r--r--app/controllers/projects/releases_controller.rb23
1 files changed, 23 insertions, 0 deletions
diff --git a/app/controllers/projects/releases_controller.rb b/app/controllers/projects/releases_controller.rb
index 0f9cb2dfc31..40e467e9e8a 100644
--- a/app/controllers/projects/releases_controller.rb
+++ b/app/controllers/projects/releases_controller.rb
@@ -3,10 +3,12 @@
class Projects::ReleasesController < Projects::ApplicationController
# Authorize
before_action :require_non_empty_project, except: [:index]
+ before_action :release, only: %i[edit update]
before_action :authorize_read_release!
before_action do
push_frontend_feature_flag(:release_edit_page, project)
end
+ before_action :authorize_update_release!, only: %i[edit update]
def index
respond_to do |format|
@@ -22,4 +24,25 @@ class Projects::ReleasesController < Projects::ApplicationController
def releases
ReleasesFinder.new(@project, current_user).execute
end
+
+ def edit
+ respond_to do |format|
+ format.html { render 'edit' }
+ end
+ end
+
+ private
+
+ def authorize_update_release!
+ access_denied! unless Feature.enabled?(:release_edit_page, project)
+ access_denied! unless can?(current_user, :update_release, release)
+ end
+
+ def release
+ @release ||= project.releases.find_by_tag!(sanitized_tag_name)
+ end
+
+ def sanitized_tag_name
+ CGI.unescape(params[:tag])
+ end
end
View Lorry Controller Status