3 files changed, 14 insertions, 2 deletions

diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb
index 3b2b0d9e502..08f339d98fc 100644
--- a/app/controllers/projects/snippets_controller.rb
+++ b/app/controllers/projects/snippets_controller.rb
@@ -107,6 +107,6 @@ class Projects::SnippetsController < Projects::ApplicationController
   end
 
   def snippet_params
-    params.require(:project_snippet).permit(:title, :content, :file_name, :private, :visibility_level)
+    params.require(:project_snippet).permit(:title, :content, :file_name, :private, :visibility_level, :description)
   end
 end
diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb
index 7445f61195d..1334f7daa44 100644
--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -45,6 +45,8 @@ class SnippetsController < ApplicationController
 
     @snippet = CreateSnippetService.new(nil, current_user, create_params).execute
 
+    move_temporary_files if params[:files]
+
     recaptcha_check_with_fallback { render :new }
   end
 
@@ -124,6 +126,12 @@ class SnippetsController < ApplicationController
   end
 
   def snippet_params
-    params.require(:personal_snippet).permit(:title, :content, :file_name, :private, :visibility_level)
+    params.require(:personal_snippet).permit(:title, :content, :file_name, :private, :visibility_level, :description)
+  end
+
+  def move_temporary_files
+    params[:files].each do |file|
+      FileMover.new(file, @snippet).execute
+    end
   end
 end
diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb
index eef53730291..5cb3de3d4f5 100644
--- a/app/controllers/uploads_controller.rb
+++ b/app/controllers/uploads_controller.rb
@@ -9,6 +9,8 @@ class UploadsController < ApplicationController
   private
 
   def find_model
+    return nil unless params[:id]
+
     return render_404 unless upload_model && upload_mount
 
     @model = upload_model.find(params[:id])
@@ -33,6 +35,8 @@ class UploadsController < ApplicationController
   end
 
   def authorize_create_access!
+    return unless model
+
     # for now we support only personal snippets comments
     authorized = can?(current_user, :comment_personal_snippet, model)