diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-02-18 12:45:46 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-02-18 12:45:46 +0300 |
commit | a7b3560714b4d9cc4ab32dffcd1f74a284b93580 (patch) | |
tree | 7452bd5c3545c2fa67a28aa013835fb4fa071baf /app/controllers/projects/commits_controller.rb | |
parent | ee9173579ae56a3dbfe5afe9f9410c65bb327ca7 (diff) |
Add latest changes from gitlab-org/gitlab@14-8-stable-eev14.8.0-rc42
Diffstat (limited to 'app/controllers/projects/commits_controller.rb')
-rw-r--r-- | app/controllers/projects/commits_controller.rb | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/app/controllers/projects/commits_controller.rb b/app/controllers/projects/commits_controller.rb index 1ca35903703..82a13b60b13 100644 --- a/app/controllers/projects/commits_controller.rb +++ b/app/controllers/projects/commits_controller.rb @@ -67,11 +67,11 @@ class Projects::CommitsController < Projects::ApplicationController def set_commits render_404 unless @path.empty? || request.format == :atom || @repository.blob_at(@commit.id, @path) || @repository.tree(@commit.id, @path).entries.present? - limit = params[:limit].to_i + limit = permitted_params[:limit].to_i @limit = limit > 0 ? limit : COMMITS_DEFAULT_LIMIT # limit can only ever be a positive number - @offset = (params[:offset] || 0).to_i - search = params[:search] - author = params[:author] + @offset = (permitted_params[:offset] || 0).to_i + search = permitted_params[:search] + author = permitted_params[:author] @commits = if search.present? @@ -87,4 +87,8 @@ class Projects::CommitsController < Projects::ApplicationController @commits = @commits.with_latest_pipeline(@ref) @commits = set_commits_for_rendering(@commits) end + + def permitted_params + params.permit(:limit, :offset, :search, :author) + end end |