diff options
author | Sean McGivern <sean@gitlab.com> | 2017-02-01 21:15:59 +0300 |
---|---|---|
committer | Sean McGivern <sean@gitlab.com> | 2017-02-02 13:23:51 +0300 |
commit | c63194ce6f952173649d7de4038aa96348e90565 (patch) | |
tree | a9622e1e5ffc86bf35fc9556152cc03cf2841ef5 /app/controllers/projects/snippets_controller.rb | |
parent | f799585c41d801bc657f992adf3d4b201af927d2 (diff) |
Check public snippets for spam
Apply the same spam checks to public snippets (either personal snippets
that are public, or public snippets on public projects) as to issues on
public projects.
Diffstat (limited to 'app/controllers/projects/snippets_controller.rb')
-rw-r--r-- | app/controllers/projects/snippets_controller.rb | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb index 02a97c1c574..5d193f26a8e 100644 --- a/app/controllers/projects/snippets_controller.rb +++ b/app/controllers/projects/snippets_controller.rb @@ -1,8 +1,9 @@ class Projects::SnippetsController < Projects::ApplicationController include ToggleAwardEmoji + include SpammableActions before_action :module_enabled - before_action :snippet, only: [:show, :edit, :destroy, :update, :raw, :toggle_award_emoji] + before_action :snippet, only: [:show, :edit, :destroy, :update, :raw, :toggle_award_emoji, :mark_as_spam] # Allow read any snippet before_action :authorize_read_project_snippet!, except: [:new, :create, :index] @@ -36,8 +37,8 @@ class Projects::SnippetsController < Projects::ApplicationController end def create - @snippet = CreateSnippetService.new(@project, current_user, - snippet_params).execute + create_params = snippet_params.merge(request: request) + @snippet = CreateSnippetService.new(@project, current_user, create_params).execute if @snippet.valid? respond_with(@snippet, @@ -88,6 +89,7 @@ class Projects::SnippetsController < Projects::ApplicationController @snippet ||= @project.snippets.find(params[:id]) end alias_method :awardable, :snippet + alias_method :spammable, :snippet def authorize_read_project_snippet! return render_404 unless can?(current_user, :read_project_snippet, @snippet) |