diff options
| author | Mark Chao <mchao@gitlab.com> | 2018-12-11 09:32:25 +0300 |
|---|---|---|
| committer | Mark Chao <mchao@gitlab.com> | 2018-12-20 09:32:51 +0300 |
| commit | ed0d691e0dfba54cd8f03706afd011afe4063a7a (patch) | |
| tree | 25efce5071ce983bd99d74546af262075786cd15 /app/models/snippet.rb | |
| parent | 30c6db8f0354847c275335c120d7218c0098c41f (diff) | |
Block private snippets from being embeddable
Diffstat (limited to 'app/models/snippet.rb')
| -rw-r--r-- | app/models/snippet.rb | 8 |
1 files changed, 3 insertions, 5 deletions
diff --git a/app/models/snippet.rb b/app/models/snippet.rb index e623ee8161f..f9b23bbbf6c 100644 --- a/app/models/snippet.rb +++ b/app/models/snippet.rb @@ -176,11 +176,9 @@ class Snippet < ActiveRecord::Base end def embeddable? - if project_id? - Ability.allowed?(nil, :read_project_snippet, self) - else - Ability.allowed?(nil, :read_personal_snippet, self) - end + ability = project_id? ? :read_project_snippet : :read_personal_snippet + + Ability.allowed?(nil, ability, self) end def notes_with_associations |