diff options
Diffstat (limited to 'app/controllers/projects/releases_controller.rb')
-rw-r--r-- | app/controllers/projects/releases_controller.rb | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/app/controllers/projects/releases_controller.rb b/app/controllers/projects/releases_controller.rb index 0f9cb2dfc31..40e467e9e8a 100644 --- a/app/controllers/projects/releases_controller.rb +++ b/app/controllers/projects/releases_controller.rb @@ -3,10 +3,12 @@ class Projects::ReleasesController < Projects::ApplicationController # Authorize before_action :require_non_empty_project, except: [:index] + before_action :release, only: %i[edit update] before_action :authorize_read_release! before_action do push_frontend_feature_flag(:release_edit_page, project) end + before_action :authorize_update_release!, only: %i[edit update] def index respond_to do |format| @@ -22,4 +24,25 @@ class Projects::ReleasesController < Projects::ApplicationController def releases ReleasesFinder.new(@project, current_user).execute end + + def edit + respond_to do |format| + format.html { render 'edit' } + end + end + + private + + def authorize_update_release! + access_denied! unless Feature.enabled?(:release_edit_page, project) + access_denied! unless can?(current_user, :update_release, release) + end + + def release + @release ||= project.releases.find_by_tag!(sanitized_tag_name) + end + + def sanitized_tag_name + CGI.unescape(params[:tag]) + end end |