Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/controllers
diff options
context:
space:
mode:
authordrew cimino <dcimino@gitlab.com>2019-08-14 02:03:05 +0300
committerdrew cimino <dcimino@gitlab.com>2019-08-22 18:48:24 +0300
commitd29ea1fa13c730abfb9ee1f88ec703e29b234970 (patch)
tree14d71bdfaf2c65f0fb7096b2aea99461731dffa9 /app/controllers
parent03bf3271c1a80db87a1a0bf23b6472f2d939861f (diff)
admin_group authorization for Groups::RunnersController
- Use authorize_admin_group! instead of authorize_admin_pipeline! - Added role-based permission specs for Groups::RunnersController
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/groups/runners_controller.rb6
1 files changed, 1 insertions, 5 deletions
diff --git a/app/controllers/groups/runners_controller.rb b/app/controllers/groups/runners_controller.rb
index f8e32451b02..af2b2cbd1fd 100644
--- a/app/controllers/groups/runners_controller.rb
+++ b/app/controllers/groups/runners_controller.rb
@@ -3,7 +3,7 @@
class Groups::RunnersController < Groups::ApplicationController
# Proper policies should be implemented per
# https://gitlab.com/gitlab-org/gitlab-ce/issues/45894
- before_action :authorize_admin_pipeline!
+ before_action :authorize_admin_group!
before_action :runner, only: [:edit, :update, :destroy, :pause, :resume, :show]
@@ -50,10 +50,6 @@ class Groups::RunnersController < Groups::ApplicationController
@runner ||= @group.runners.find(params[:id])
end
- def authorize_admin_pipeline!
- return render_404 unless can?(current_user, :admin_pipeline, group)
- end
-
def runner_params
params.require(:runner).permit(Ci::Runner::FORM_EDITABLE)
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-08 18:50:08 +0300