diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-01-23 15:08:38 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-01-23 15:08:38 +0300 |
commit | 5ad0cf26551baff8f08af8562a8d45e6ec14d71a (patch) | |
tree | 57f1a6bad31bcd11efacd3fdfb9cc92f88fb6a86 /app/controllers/projects/snippets_controller.rb | |
parent | f47c768fad17d4c876e96524f83f8306f071db66 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/controllers/projects/snippets_controller.rb')
-rw-r--r-- | app/controllers/projects/snippets_controller.rb | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb index daddd9dd485..d7ae6d2cbb4 100644 --- a/app/controllers/projects/snippets_controller.rb +++ b/app/controllers/projects/snippets_controller.rb @@ -15,17 +15,17 @@ class Projects::SnippetsController < Projects::ApplicationController before_action :check_snippets_available! before_action :snippet, only: [:show, :edit, :destroy, :update, :raw, :toggle_award_emoji, :mark_as_spam] - # Allow read any snippet - before_action :authorize_read_project_snippet!, except: [:new, :create, :index] + # Allow create snippet + before_action :authorize_create_snippet!, only: [:new, :create] - # Allow write(create) snippet - before_action :authorize_create_project_snippet!, only: [:new, :create] + # Allow read any snippet + before_action :authorize_read_snippet!, except: [:new, :create, :index] # Allow modify snippet - before_action :authorize_update_project_snippet!, only: [:edit, :update] + before_action :authorize_update_snippet!, only: [:edit, :update] # Allow destroy snippet - before_action :authorize_admin_project_snippet!, only: [:destroy] + before_action :authorize_admin_snippet!, only: [:destroy] respond_to :html @@ -115,16 +115,16 @@ class Projects::SnippetsController < Projects::ApplicationController project_snippet_path(@project, @snippet) end - def authorize_read_project_snippet! - return render_404 unless can?(current_user, :read_project_snippet, @snippet) + def authorize_read_snippet! + return render_404 unless can?(current_user, :read_snippet, @snippet) end - def authorize_update_project_snippet! - return render_404 unless can?(current_user, :update_project_snippet, @snippet) + def authorize_update_snippet! + return render_404 unless can?(current_user, :update_snippet, @snippet) end - def authorize_admin_project_snippet! - return render_404 unless can?(current_user, :admin_project_snippet, @snippet) + def authorize_admin_snippet! + return render_404 unless can?(current_user, :admin_snippet, @snippet) end def snippet_params |