Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>2014-10-21 12:43:12 +0400
committerDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>2014-10-21 12:43:12 +0400
commit8ad9a75f88f7165463e9f5f0c5d8ff0c3556d4ca (patch)
treec48d734f96ce6ef896e7e3396ba0105a4fd3bee5 /app/controllers
parent85ddf1b918209d727cb91a3054458b7831ae1157 (diff)
parent4d0d5e79ba4317cedfb2b0304ac5d376ad781b1a (diff)
Merge pull request #8030 from cirosantilli/factor-authorize
Factor authorize_push! and authorize_code_access!
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/application_controller.rb8
-rw-r--r--app/controllers/projects/base_tree_controller.rb2
-rw-r--r--app/controllers/projects/blame_controller.rb2
-rw-r--r--app/controllers/projects/blob_controller.rb4
-rw-r--r--app/controllers/projects/branches_controller.rb4
-rw-r--r--app/controllers/projects/commit_controller.rb2
-rw-r--r--app/controllers/projects/commits_controller.rb2
-rw-r--r--app/controllers/projects/compare_controller.rb2
-rw-r--r--app/controllers/projects/edit_tree_controller.rb2
-rw-r--r--app/controllers/projects/graphs_controller.rb2
-rw-r--r--app/controllers/projects/network_controller.rb2
-rw-r--r--app/controllers/projects/new_tree_controller.rb2
-rw-r--r--app/controllers/projects/raw_controller.rb2
-rw-r--r--app/controllers/projects/refs_controller.rb2
-rw-r--r--app/controllers/projects/repositories_controller.rb2
-rw-r--r--app/controllers/projects/tags_controller.rb4
16 files changed, 18 insertions, 26 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 955f3a14af5..a635f877446 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -122,14 +122,6 @@ class ApplicationController < ActionController::Base
return access_denied! unless can?(current_user, action, project)
end
- def authorize_code_access!
- return access_denied! unless can?(current_user, :download_code, project)
- end
-
- def authorize_push!
- return access_denied! unless can?(current_user, :push_code, project)
- end
-
def authorize_labels!
# Labels should be accessible for issues and/or merge requests
authorize_read_issue! || authorize_read_merge_request!
diff --git a/app/controllers/projects/base_tree_controller.rb b/app/controllers/projects/base_tree_controller.rb
index 5e305934433..56c306063c8 100644
--- a/app/controllers/projects/base_tree_controller.rb
+++ b/app/controllers/projects/base_tree_controller.rb
@@ -2,7 +2,7 @@ class Projects::BaseTreeController < Projects::ApplicationController
include ExtractsPath
before_filter :authorize_read_project!
- before_filter :authorize_code_access!
+ before_filter :authorize_download_code!
before_filter :require_non_empty_project
end
diff --git a/app/controllers/projects/blame_controller.rb b/app/controllers/projects/blame_controller.rb
index a3c41301676..bad06e7aa2d 100644
--- a/app/controllers/projects/blame_controller.rb
+++ b/app/controllers/projects/blame_controller.rb
@@ -4,7 +4,7 @@ class Projects::BlameController < Projects::ApplicationController
# Authorize
before_filter :authorize_read_project!
- before_filter :authorize_code_access!
+ before_filter :authorize_download_code!
before_filter :require_non_empty_project
def show
diff --git a/app/controllers/projects/blob_controller.rb b/app/controllers/projects/blob_controller.rb
index 0944c7421ee..04aa044001e 100644
--- a/app/controllers/projects/blob_controller.rb
+++ b/app/controllers/projects/blob_controller.rb
@@ -4,9 +4,9 @@ class Projects::BlobController < Projects::ApplicationController
# Authorize
before_filter :authorize_read_project!
- before_filter :authorize_code_access!
+ before_filter :authorize_download_code!
before_filter :require_non_empty_project
- before_filter :authorize_push!, only: [:destroy]
+ before_filter :authorize_push_code!, only: [:destroy]
before_filter :blob
diff --git a/app/controllers/projects/branches_controller.rb b/app/controllers/projects/branches_controller.rb
index faa0ce67ca8..dd6df5d196b 100644
--- a/app/controllers/projects/branches_controller.rb
+++ b/app/controllers/projects/branches_controller.rb
@@ -3,8 +3,8 @@ class Projects::BranchesController < Projects::ApplicationController
before_filter :authorize_read_project!
before_filter :require_non_empty_project
- before_filter :authorize_code_access!
- before_filter :authorize_push!, only: [:create, :destroy]
+ before_filter :authorize_download_code!
+ before_filter :authorize_push_code!, only: [:create, :destroy]
def index
@sort = params[:sort] || 'name'
diff --git a/app/controllers/projects/commit_controller.rb b/app/controllers/projects/commit_controller.rb
index df09ee7ed9d..cf05e6ea220 100644
--- a/app/controllers/projects/commit_controller.rb
+++ b/app/controllers/projects/commit_controller.rb
@@ -4,7 +4,7 @@
class Projects::CommitController < Projects::ApplicationController
# Authorize
before_filter :authorize_read_project!
- before_filter :authorize_code_access!
+ before_filter :authorize_download_code!
before_filter :require_non_empty_project
before_filter :commit
diff --git a/app/controllers/projects/commits_controller.rb b/app/controllers/projects/commits_controller.rb
index b7f09eb271d..53a0d063d8e 100644
--- a/app/controllers/projects/commits_controller.rb
+++ b/app/controllers/projects/commits_controller.rb
@@ -5,7 +5,7 @@ class Projects::CommitsController < Projects::ApplicationController
# Authorize
before_filter :authorize_read_project!
- before_filter :authorize_code_access!
+ before_filter :authorize_download_code!
before_filter :require_non_empty_project
def show
diff --git a/app/controllers/projects/compare_controller.rb b/app/controllers/projects/compare_controller.rb
index 7a671e8455d..6d944025598 100644
--- a/app/controllers/projects/compare_controller.rb
+++ b/app/controllers/projects/compare_controller.rb
@@ -1,7 +1,7 @@
class Projects::CompareController < Projects::ApplicationController
# Authorize
before_filter :authorize_read_project!
- before_filter :authorize_code_access!
+ before_filter :authorize_download_code!
before_filter :require_non_empty_project
def index
diff --git a/app/controllers/projects/edit_tree_controller.rb b/app/controllers/projects/edit_tree_controller.rb
index fdc1a85d8d7..65661c80410 100644
--- a/app/controllers/projects/edit_tree_controller.rb
+++ b/app/controllers/projects/edit_tree_controller.rb
@@ -1,7 +1,7 @@
class Projects::EditTreeController < Projects::BaseTreeController
before_filter :require_branch_head
before_filter :blob
- before_filter :authorize_push!
+ before_filter :authorize_push_code!
before_filter :from_merge_request
before_filter :after_edit_path
diff --git a/app/controllers/projects/graphs_controller.rb b/app/controllers/projects/graphs_controller.rb
index 610b4967fea..21d3970d65a 100644
--- a/app/controllers/projects/graphs_controller.rb
+++ b/app/controllers/projects/graphs_controller.rb
@@ -1,7 +1,7 @@
class Projects::GraphsController < Projects::ApplicationController
# Authorize
before_filter :authorize_read_project!
- before_filter :authorize_code_access!
+ before_filter :authorize_download_code!
before_filter :require_non_empty_project
def show
diff --git a/app/controllers/projects/network_controller.rb b/app/controllers/projects/network_controller.rb
index 9832495c64f..009089ee639 100644
--- a/app/controllers/projects/network_controller.rb
+++ b/app/controllers/projects/network_controller.rb
@@ -4,7 +4,7 @@ class Projects::NetworkController < Projects::ApplicationController
# Authorize
before_filter :authorize_read_project!
- before_filter :authorize_code_access!
+ before_filter :authorize_download_code!
before_filter :require_non_empty_project
def show
diff --git a/app/controllers/projects/new_tree_controller.rb b/app/controllers/projects/new_tree_controller.rb
index 71a5c6499ec..ffba706b2f6 100644
--- a/app/controllers/projects/new_tree_controller.rb
+++ b/app/controllers/projects/new_tree_controller.rb
@@ -1,6 +1,6 @@
class Projects::NewTreeController < Projects::BaseTreeController
before_filter :require_branch_head
- before_filter :authorize_push!
+ before_filter :authorize_push_code!
def show
end
diff --git a/app/controllers/projects/raw_controller.rb b/app/controllers/projects/raw_controller.rb
index 5ec9c576a66..f4fdd616c50 100644
--- a/app/controllers/projects/raw_controller.rb
+++ b/app/controllers/projects/raw_controller.rb
@@ -4,7 +4,7 @@ class Projects::RawController < Projects::ApplicationController
# Authorize
before_filter :authorize_read_project!
- before_filter :authorize_code_access!
+ before_filter :authorize_download_code!
before_filter :require_non_empty_project
def show
diff --git a/app/controllers/projects/refs_controller.rb b/app/controllers/projects/refs_controller.rb
index 7997c726fbb..9ac189a78b3 100644
--- a/app/controllers/projects/refs_controller.rb
+++ b/app/controllers/projects/refs_controller.rb
@@ -3,7 +3,7 @@ class Projects::RefsController < Projects::ApplicationController
# Authorize
before_filter :authorize_read_project!
- before_filter :authorize_code_access!
+ before_filter :authorize_download_code!
before_filter :require_non_empty_project
def switch
diff --git a/app/controllers/projects/repositories_controller.rb b/app/controllers/projects/repositories_controller.rb
index 4e0f190ed1c..6d8ef0f1ac8 100644
--- a/app/controllers/projects/repositories_controller.rb
+++ b/app/controllers/projects/repositories_controller.rb
@@ -1,7 +1,7 @@
class Projects::RepositoriesController < Projects::ApplicationController
# Authorize
before_filter :authorize_read_project!
- before_filter :authorize_code_access!
+ before_filter :authorize_download_code!
before_filter :require_non_empty_project
def archive
diff --git a/app/controllers/projects/tags_controller.rb b/app/controllers/projects/tags_controller.rb
index 537c94bda20..94794fb5dd0 100644
--- a/app/controllers/projects/tags_controller.rb
+++ b/app/controllers/projects/tags_controller.rb
@@ -3,8 +3,8 @@ class Projects::TagsController < Projects::ApplicationController
before_filter :authorize_read_project!
before_filter :require_non_empty_project
- before_filter :authorize_code_access!
- before_filter :authorize_push!, only: [:create]
+ before_filter :authorize_download_code!
+ before_filter :authorize_push_code!, only: [:create]
before_filter :authorize_admin_project!, only: [:destroy]
def index