authorGitLab Bot <gitlab-bot@gitlab.com>2022-10-20 12:40:42 +0300
committerGitLab Bot <gitlab-bot@gitlab.com>2022-10-20 12:40:42 +0300
commitee664acb356f8123f4f6b00b73c1e1cf0866c7fb (patch)
treef8479f94a28f66654c6a4f6fb99bad6b4e86a40e /app/controllers/groups
parent62f7d5c5b69180e82ae8196b7b429eeffc8e7b4f (diff)
Add latest changes from gitlab-org/gitlab@15-5-stable-eev15.5.0-rc42
Diffstat (limited to 'app/controllers/groups')
-rw-r--r--app/controllers/groups/application_controller.rb4
-rw-r--r--app/controllers/groups/boards_controller.rb15
-rw-r--r--app/controllers/groups/runners_controller.rb16
-rw-r--r--app/controllers/groups/settings/access_tokens_controller.rb6
4 files changed, 20 insertions, 21 deletions
diff --git a/app/controllers/groups/application_controller.rb b/app/controllers/groups/application_controller.rb
index aec3247f4b2..f8cfa996447 100644
--- a/app/controllers/groups/application_controller.rb
+++ b/app/controllers/groups/application_controller.rb
@@ -67,6 +67,10 @@ class Groups::ApplicationController < ApplicationController
end
end
+ def authorize_billings_page!
+ render_404 unless can?(current_user, :read_billing, group)
+ end
+
def authorize_read_group_member!
unless can?(current_user, :read_group_member, group)
render_403
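Review bot: `authorize_billings_page!` answers with `render_404`, while `authorize_read_group_member!` directly below it answers with `render_403`, and nothing in the method says why the two differ. If the 404 is deliberate (presumably so that a user without `:read_billing` cannot tell the billing page exists), a one-line comment would stop a later cleanup from changing it to 403: `# 404, not 403: do not reveal the billing page to users who lack :read_billing`. No caller of the new filter is visible in this diff, so which actions it guards cannot be checked from here; `authorize_read_group_member!` continues outside the hunk.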
diff --git a/app/controllers/groups/boards_controller.rb b/app/controllers/groups/boards_controller.rb
index e64d838b7d1..14b70df0feb 100644
--- a/app/controllers/groups/boards_controller.rb
+++ b/app/controllers/groups/boards_controller.rb
@@ -5,7 +5,6 @@ class Groups::BoardsController < Groups::ApplicationController
include RecordUserLastActivity
include Gitlab::Utils::StrongMemoize
- before_action :assign_endpoint_vars
before_action do
push_frontend_feature_flag(:board_multi_select, group)
push_frontend_feature_flag(:realtime_labels, group)
@@ -20,16 +19,6 @@ class Groups::BoardsController < Groups::ApplicationController
private
- def board_klass
- Board
- end
-
- def boards_finder
- strong_memoize :boards_finder do
- Boards::BoardsFinder.new(parent, current_user)
- end
- end
-
def board_finder
strong_memoize :board_finder do
Boards::BoardsFinder.new(parent, current_user, board_id: params[:id])
@@ -42,10 +31,6 @@ class Groups::BoardsController < Groups::ApplicationController
end
end
- def assign_endpoint_vars
- @boards_endpoint = group_boards_path(group)
- end
-
def authorize_read_board!
access_denied! unless can?(current_user, :read_issue_board, group)
end
diff --git a/app/controllers/groups/runners_controller.rb b/app/controllers/groups/runners_controller.rb
index 652f12e34ba..18b055b3f05 100644
--- a/app/controllers/groups/runners_controller.rb
+++ b/app/controllers/groups/runners_controller.rb
@@ -2,13 +2,9 @@
class Groups::RunnersController < Groups::ApplicationController
before_action :authorize_read_group_runners!, only: [:index, :show]
- before_action :authorize_admin_group_runners!, only: [:edit, :update, :destroy, :pause, :resume]
+ before_action :authorize_update_runner!, only: [:edit, :update, :destroy, :pause, :resume]
before_action :runner, only: [:edit, :update, :destroy, :pause, :resume, :show]
- before_action only: [:show] do
- push_frontend_feature_flag(:enforce_runner_token_expires_at)
- end
-
feature_category :runner
urgency :low
@@ -37,7 +33,9 @@ class Groups::RunnersController < Groups::ApplicationController
private
def runner
- @runner ||= Ci::RunnersFinder.new(current_user: current_user, params: { group: @group }).execute
+ group_params = { group: @group, membership: :all_available }
+
+ @runner ||= Ci::RunnersFinder.new(current_user: current_user, params: group_params).execute
.except(:limit, :offset)
.find(params[:id])
end
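Review bot: `runner` is also the lookup for `show`, and `show` is guarded only by `authorize_read_group_runners!`, so passing `membership: :all_available` changes which ids that action can resolve without adding any per-runner check on the read path. The edit/update/destroy/pause/resume actions get a per-object `:update_runner` check elsewhere in this commit, but nothing equivalent is visible for `show`. What `:all_available` returns is decided in `Ci::RunnersFinder`, which is not part of this diff, so this is a question to confirm rather than a finding. If the wider scope includes runners the group does not own, a request spec asserting what a member with read-only runner access gets back from `show` for such an id would pin the intended behaviour.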
@@ -45,6 +43,12 @@ class Groups::RunnersController < Groups::ApplicationController
def runner_params
params.require(:runner).permit(Ci::Runner::FORM_EDITABLE)
end
+
+ def authorize_update_runner!
+ return if can?(current_user, :admin_group_runners, group) && can?(current_user, :update_runner, runner)
+
+ render_404
+ end
end
Groups::RunnersController.prepend_mod
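Review bot: `authorize_update_runner!` depends on two things that are not written down: the order of the `&&` operands, and the `@runner ||=` memoisation in `runner`. The group-level `:admin_group_runners` check comes first, so the `runner` lookup and its `find(params[:id])` only run for users who already pass it; swapping the operands would run the lookup for every caller. A short comment above the method would keep that intact, e.g. `# Group-level check first, so the runner is only looked up for group runner admins; then the per-runner check.` The filter is also declared before `before_action :runner`, so it is the one that performs the load for the mutating actions, and the later filter only does work for `show`.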
diff --git a/app/controllers/groups/settings/access_tokens_controller.rb b/app/controllers/groups/settings/access_tokens_controller.rb
index b9ab2e008cc..f01b2b779e3 100644
--- a/app/controllers/groups/settings/access_tokens_controller.rb
+++ b/app/controllers/groups/settings/access_tokens_controller.rb
@@ -13,6 +13,12 @@ module Groups
def resource_access_tokens_path
group_settings_access_tokens_path
end
+
+ private
+
+ def represent(tokens)
+ ::GroupAccessTokenSerializer.new.represent(tokens, group: resource)
+ end
end
end
end
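Review bot: `represent` hands the token records to `GroupAccessTokenSerializer`, but the hunk does not show which fields that serializer exposes. Since the records are access tokens, it is worth confirming in the serializer's entity (outside this diff) that only metadata is serialised and never the token value. The method also has no comment saying which hook it implements; it presumably overrides a `represent` expected by shared access-token controller code, and a line such as `# Serializes the tokens for this group; passes the group through as a serializer option.` would make that explicit. The enclosing class begins outside the hunk.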