diff options
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/projects_controller.rb | 13 | ||||
-rw-r--r-- | app/policies/project_policy.rb | 2 |
2 files changed, 9 insertions, 6 deletions
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 33c6608d321..f76e6663995 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -47,7 +47,7 @@ class ProjectsController < Projects::ApplicationController end def create - @project = ::Projects::CreateService.new(current_user, project_params).execute + @project = ::Projects::CreateService.new(current_user, project_params(attributes: project_params_create_attributes)).execute if @project.saved? cookies[:issue_board_welcome_hidden] = { path: project_path(@project), value: nil, expires: Time.at(0) } @@ -328,9 +328,9 @@ class ProjectsController < Projects::ApplicationController end # rubocop: enable CodeReuse/ActiveRecord - def project_params + def project_params(attributes: []) params.require(:project) - .permit(project_params_attributes) + .permit(project_params_attributes + attributes) end def project_params_attributes @@ -349,11 +349,10 @@ class ProjectsController < Projects::ApplicationController :last_activity_at, :lfs_enabled, :name, - :namespace_id, :only_allow_merge_if_all_discussions_are_resolved, :only_allow_merge_if_pipeline_succeeds, - :printing_merge_request_link_enabled, :path, + :printing_merge_request_link_enabled, :public_builds, :request_access_enabled, :runners_token, @@ -375,6 +374,10 @@ class ProjectsController < Projects::ApplicationController ] end + def project_params_create_attributes + [:namespace_id] + end + def custom_import_params {} end diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb index 9f9f5230040..e9f4e0b4b41 100644 --- a/app/policies/project_policy.rb +++ b/app/policies/project_policy.rb @@ -177,7 +177,6 @@ class ProjectPolicy < BasePolicy enable :read_cycle_analytics enable :award_emoji enable :read_pages_content - enable :read_release end # These abilities are not allowed to admins that are not members of the project, @@ -203,6 +202,7 @@ class ProjectPolicy < BasePolicy enable :read_deployment enable :read_merge_request enable :read_sentry_issue + enable :read_release end # We define `:public_user_access` separately because there are cases in gitlab-ee |