diff options
Diffstat (limited to 'lib/api/jobs.rb')
| -rw-r--r-- | lib/api/jobs.rb | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/lib/api/jobs.rb b/lib/api/jobs.rb index 80a5cbd6b19..59f0dbe8a9b 100644 --- a/lib/api/jobs.rb +++ b/lib/api/jobs.rb @@ -38,6 +38,8 @@ module API end # rubocop: disable CodeReuse/ActiveRecord get ':id/jobs' do + authorize_read_builds! + builds = user_project.builds.order('id DESC') builds = filter_builds(builds, params[:scope]) @@ -50,13 +52,16 @@ module API success Entities::Job end params do - requires :pipeline_id, type: Integer, desc: 'The pipeline ID' + requires :pipeline_id, type: Integer, desc: 'The pipeline ID' use :optional_scope use :pagination end # rubocop: disable CodeReuse/ActiveRecord get ':id/pipelines/:pipeline_id/jobs' do + authorize!(:read_pipeline, user_project) pipeline = user_project.ci_pipelines.find(params[:pipeline_id]) + authorize!(:read_build, pipeline) + builds = pipeline.builds builds = filter_builds(builds, params[:scope]) builds = builds.preload(:job_artifacts_archive, :job_artifacts, project: [:namespace]) |