Add latest changes from gitlab-org/gitlab@16-4-stable-eev16.4.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-09-20 14:18:08 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-09-20 14:18:08 +0300
commit: 5afcbe03ead9ada87621888a31a62652b10a7e4f (patch)
tree: 9918b67a0d0f0bafa6542e839a8be37adf73102d /app/controllers/organizations/application_controller.rb
parent: c97c0201564848c1f53226fe19d71fdcc472f7d0 (diff)
1 files changed, 10 insertions, 5 deletions
diff --git a/app/controllers/organizations/application_controller.rb b/app/controllers/organizations/application_controller.rb
index 568cfe6399d..d3c3e878bdf 100644
--- a/app/controllers/organizations/application_controller.rb
+++ b/app/controllers/organizations/application_controller.rb
@@ -2,7 +2,7 @@
 
 module Organizations
   class ApplicationController < ::ApplicationController
-    skip_before_action :authenticate_user!
+    before_action :check_feature_flag!
     before_action :organization
 
     layout 'organization'
@@ -16,11 +16,16 @@ module Organizations
     end
     strong_memoize_attr :organization
 
-    def authorize_action!(action)
-      return if Feature.enabled?(:ui_for_organizations, current_user) &&
-        can?(current_user, action, organization)
+    def check_feature_flag!
+      access_denied! unless Feature.enabled?(:ui_for_organizations, current_user)
+    end
+
+    def authorize_create_organization!
+      access_denied! unless can?(current_user, :create_organization)
+    end
 
-      access_denied!
+    def authorize_read_organization!
+      access_denied! unless can?(current_user, :read_organization, organization)
     end
   end
 end
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-09-20 14:18:08 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-09-20 14:18:08 +0300
commit	5afcbe03ead9ada87621888a31a62652b10a7e4f (patch)
tree	9918b67a0d0f0bafa6542e839a8be37adf73102d /app/controllers/organizations/application_controller.rb
parent	c97c0201564848c1f53226fe19d71fdcc472f7d0 (diff)