diff options
author | Lin Jen-Shin <godfat@godfat.org> | 2017-05-23 18:42:26 +0300 |
---|---|---|
committer | Lin Jen-Shin <godfat@godfat.org> | 2017-05-24 10:31:30 +0300 |
commit | 524c947eafbc4b710ac862c4e90801b2777d49dc (patch) | |
tree | a3fc430937fd4d40414b0bd307be65189d074111 /app/controllers/projects/build_artifacts_controller.rb | |
parent | 43981250c426595c9b3c03a5153ae05d3de2a8e2 (diff) |
Add checks before redirect, remove status/trace
compatible urls, which were for javascripts
Diffstat (limited to 'app/controllers/projects/build_artifacts_controller.rb')
-rw-r--r-- | app/controllers/projects/build_artifacts_controller.rb | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/app/controllers/projects/build_artifacts_controller.rb b/app/controllers/projects/build_artifacts_controller.rb index 873246f484e..f34a198634e 100644 --- a/app/controllers/projects/build_artifacts_controller.rb +++ b/app/controllers/projects/build_artifacts_controller.rb @@ -2,7 +2,9 @@ class Projects::BuildArtifactsController < Projects::ApplicationController include ExtractsPath include RendersBlob + before_action :authorize_read_build! before_action :extract_ref_name_and_path + before_action :validate_artifacts! def download redirect_to download_namespace_project_job_artifacts_path(project.namespace, project, job) @@ -26,6 +28,10 @@ class Projects::BuildArtifactsController < Projects::ApplicationController private + def validate_artifacts! + render_404 unless job && job.artifacts? + end + def extract_ref_name_and_path return unless params[:ref_name_and_path] |