diff options
author | Stan Hu <stanhu@gmail.com> | 2018-11-17 08:59:17 +0300 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2018-11-17 10:18:06 +0300 |
commit | 7be7f570dc9d8bf482d8a1e548b3bd21cccdc39d (patch) | |
tree | 09c3e305a6af2aac3f2ee5eb58e5eba85e124079 /app/controllers/projects/deploy_keys_controller.rb | |
parent | 6494467a191f119af31ce3e8d3f32885c1244bdc (diff) |
Fix enabling project deploy key for admins
Admins would be prevented from adding a project deploy key since the
accessible keys would be restricted to the user's keys.
Also backports a spec for DeployKeysController from
https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/8432.
Diffstat (limited to 'app/controllers/projects/deploy_keys_controller.rb')
-rw-r--r-- | app/controllers/projects/deploy_keys_controller.rb | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/app/controllers/projects/deploy_keys_controller.rb b/app/controllers/projects/deploy_keys_controller.rb index 92ef10a9ef5..0a593bd35b6 100644 --- a/app/controllers/projects/deploy_keys_controller.rb +++ b/app/controllers/projects/deploy_keys_controller.rb @@ -46,7 +46,9 @@ class Projects::DeployKeysController < Projects::ApplicationController end def enable - Projects::EnableDeployKeyService.new(@project, current_user, params).execute + key = Projects::EnableDeployKeyService.new(@project, current_user, params).execute + + return render_404 unless key respond_to do |format| format.html { redirect_to_repository_settings(@project, anchor: 'js-deploy-keys-settings') } @@ -54,19 +56,16 @@ class Projects::DeployKeysController < Projects::ApplicationController end end - # rubocop: disable CodeReuse/ActiveRecord def disable - deploy_key_project = @project.deploy_keys_projects.find_by(deploy_key_id: params[:id]) - return render_404 unless deploy_key_project + deploy_key_project = Projects::DisableDeployKeyService.new(@project, current_user, params).execute - deploy_key_project.destroy! + return render_404 unless deploy_key_project respond_to do |format| format.html { redirect_to_repository_settings(@project, anchor: 'js-deploy-keys-settings') } format.json { head :ok } end end - # rubocop: enable CodeReuse/ActiveRecord protected |