diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-12-02 00:10:32 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-12-02 00:10:32 +0300 |
commit | 3b2d5044ab17d58a55a6609f73a6834cb8ab9d9a (patch) | |
tree | 916bc4b1ec2ac661957fdcff936d868d8cd6ec64 /app/controllers | |
parent | 07cbb41fee42601767b3aea2979d6fa6d990ce5b (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/organizations/application_controller.rb | 4 | ||||
-rw-r--r-- | app/controllers/organizations/organizations_controller.rb | 4 |
2 files changed, 6 insertions, 2 deletions
diff --git a/app/controllers/organizations/application_controller.rb b/app/controllers/organizations/application_controller.rb index 8a99b6804ae..9cc33ec0447 100644 --- a/app/controllers/organizations/application_controller.rb +++ b/app/controllers/organizations/application_controller.rb @@ -28,6 +28,10 @@ module Organizations access_denied! unless can?(current_user, :read_organization, organization) end + def authorize_read_organization_user! + access_denied! unless can?(current_user, :read_organization_user, organization) + end + def authorize_admin_organization! access_denied! unless can?(current_user, :admin_organization, organization) end diff --git a/app/controllers/organizations/organizations_controller.rb b/app/controllers/organizations/organizations_controller.rb index 3085f0c07d1..9f09627b1e4 100644 --- a/app/controllers/organizations/organizations_controller.rb +++ b/app/controllers/organizations/organizations_controller.rb @@ -4,7 +4,7 @@ module Organizations class OrganizationsController < ApplicationController feature_category :cell - skip_before_action :authenticate_user!, except: [:index, :new] + skip_before_action :authenticate_user!, except: [:index, :new, :users] def index; end @@ -21,7 +21,7 @@ module Organizations end def users - authorize_read_organization! + authorize_read_organization_user! end end end |