summaryrefslogtreecommitdiff
path: root/app/controllers/projects/snippets/application_controller.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/projects/snippets/application_controller.rb')
-rw-r--r--app/controllers/projects/snippets/application_controller.rb19
1 files changed, 19 insertions, 0 deletions
diff --git a/app/controllers/projects/snippets/application_controller.rb b/app/controllers/projects/snippets/application_controller.rb
new file mode 100644
index 00000000000..3f488b07e96
--- /dev/null
+++ b/app/controllers/projects/snippets/application_controller.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+class Projects::Snippets::ApplicationController < Projects::ApplicationController
+ include FindSnippet
+ include SnippetAuthorizations
+
+ private
+
+ # This overrides the default snippet create authorization
+ # because ProjectSnippets are checked against the project rather
+ # than the user
+ def authorize_create_snippet!
+ return render_404 unless can?(current_user, :create_snippet, project)
+ end
+
+ def snippet_klass
+ ProjectSnippet
+ end
+end
View Lorry Controller Status