diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-06-18 14:18:50 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-06-18 14:18:50 +0300 |
| commit | 8c7f4e9d5f36cff46365a7f8c4b9c21578c1e781 (patch) | |
| tree | a77e7fe7a93de11213032ed4ab1f33a3db51b738 /app/controllers/concerns/snippet_authorizations.rb | |
| parent | 00b35af3db1abfe813a778f643dad221aad51fca (diff) | |
Add latest changes from gitlab-org/gitlab@13-1-stable-ee
Diffstat (limited to 'app/controllers/concerns/snippet_authorizations.rb')
| -rw-r--r-- | app/controllers/concerns/snippet_authorizations.rb | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/app/controllers/concerns/snippet_authorizations.rb b/app/controllers/concerns/snippet_authorizations.rb new file mode 100644 index 00000000000..9bbb0cc6faa --- /dev/null +++ b/app/controllers/concerns/snippet_authorizations.rb @@ -0,0 +1,23 @@ +# frozen_string_literal: true + +module SnippetAuthorizations + extend ActiveSupport::Concern + + private + + def authorize_read_snippet! + return render_404 unless can?(current_user, :read_snippet, snippet) + end + + def authorize_update_snippet! + return render_404 unless can?(current_user, :update_snippet, snippet) + end + + def authorize_admin_snippet! + return render_404 unless can?(current_user, :admin_snippet, snippet) + end + + def authorize_create_snippet! + return render_404 unless can?(current_user, :create_snippet) + end +end |