diff options
author | Sean McGivern <sean@gitlab.com> | 2016-08-18 17:49:32 +0300 |
---|---|---|
committer | Sean McGivern <sean@gitlab.com> | 2016-08-18 17:54:07 +0300 |
commit | 8b1656282bcc39a0c1c7a3dccf74c98b1c3adae2 (patch) | |
tree | a5375c1ff8150d7777a120f29cfbd4d544ca4865 /app/controllers/import/gitlab_projects_controller.rb | |
parent | 21a73302e8a8b9f22e51f1707a306f04d3faad07 (diff) | |
parent | 2c1062f81e3c39cf8a45185c203995a43b91bf65 (diff) |
Merge branch 'master' into expiration-date-on-memberships
Diffstat (limited to 'app/controllers/import/gitlab_projects_controller.rb')
-rw-r--r-- | app/controllers/import/gitlab_projects_controller.rb | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/app/controllers/import/gitlab_projects_controller.rb b/app/controllers/import/gitlab_projects_controller.rb index 30df1fb2fec..7d0eff37635 100644 --- a/app/controllers/import/gitlab_projects_controller.rb +++ b/app/controllers/import/gitlab_projects_controller.rb @@ -1,5 +1,6 @@ class Import::GitlabProjectsController < Import::BaseController before_action :verify_gitlab_project_import_enabled + before_action :authenticate_admin! def new @namespace_id = project_params[:namespace_id] @@ -12,13 +13,14 @@ class Import::GitlabProjectsController < Import::BaseController return redirect_back_or_default(options: { alert: "You need to upload a GitLab project export archive." }) end - imported_file = project_params[:file].path + "-import" + import_upload_path = Gitlab::ImportExport.import_upload_path(filename: project_params[:file].original_filename) - FileUtils.copy_entry(project_params[:file].path, imported_file) + FileUtils.mkdir_p(File.dirname(import_upload_path)) + FileUtils.copy_entry(project_params[:file].path, import_upload_path) @project = Gitlab::ImportExport::ProjectCreator.new(project_params[:namespace_id], current_user, - File.expand_path(imported_file), + import_upload_path, project_params[:path]).execute if @project.saved? @@ -46,4 +48,8 @@ class Import::GitlabProjectsController < Import::BaseController :path, :namespace_id, :file ) end + + def authenticate_admin! + render_404 unless current_user.is_admin? + end end |