1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
module Ci
class ApplicationController < ::ApplicationController
before_action :check_enable_flag!
def self.railtie_helpers_paths
"app/helpers/ci"
end
helper_method :gl_project
private
def check_enable_flag!
unless current_application_settings.ci_enabled
redirect_to(disabled_ci_projects_path)
return
end
end
def authenticate_public_page!
unless project.public
authenticate_user!
return access_denied! unless can?(current_user, :read_project, gl_project)
end
end
def authenticate_token!
unless project.valid_token?(params[:token])
return head(403)
end
end
def authorize_access_project!
unless can?(current_user, :read_project, gl_project)
return page_404
end
end
def authorize_manage_builds!
unless can?(current_user, :manage_builds, gl_project)
return page_404
end
end
def authenticate_admin!
return render_404 unless current_user.is_admin?
end
def authorize_manage_project!
unless can?(current_user, :admin_project, gl_project)
return page_404
end
end
def page_404
render file: "#{Rails.root}/public/404.html", status: 404, layout: false
end
def default_headers
headers['X-Frame-Options'] = 'DENY'
headers['X-XSS-Protection'] = '1; mode=block'
end
# JSON for infinite scroll via Pager object
def pager_json(partial, count)
html = render_to_string(
partial,
layout: false,
formats: [:html]
)
render json: {
html: html,
count: count
}
end
def gl_project
::Project.find(@project.gitlab_id)
end
end
end
|
