diff options
author | Vinnie Okada <vokada@mrvinn.com> | 2015-03-07 22:47:06 +0300 |
---|---|---|
committer | Vinnie Okada <vokada@mrvinn.com> | 2015-03-09 02:57:08 +0300 |
commit | 928fc94c3d900069902b097d6464acee712a886c (patch) | |
tree | e30cbea42055c082e76881bd36ccd94f72afac8e /app/services/create_snippet_service.rb | |
parent | 285c5341855f8af6cbea5e964e3104a4698fa450 (diff) |
Enforce restricted visibilities for snippets
Add new service classes to create and update project and personal
snippets. These classes are responsible for enforcing restricted
visibility settings for non-admin users.
Diffstat (limited to 'app/services/create_snippet_service.rb')
-rw-r--r-- | app/services/create_snippet_service.rb | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/app/services/create_snippet_service.rb b/app/services/create_snippet_service.rb new file mode 100644 index 00000000000..101a3df5eee --- /dev/null +++ b/app/services/create_snippet_service.rb @@ -0,0 +1,20 @@ +class CreateSnippetService < BaseService + def execute + if project.nil? + snippet = PersonalSnippet.new(params) + else + snippet = project.snippets.build(params) + end + + unless Gitlab::VisibilityLevel.allowed_for?(current_user, + params[:visibility_level]) + deny_visibility_level(snippet) + return snippet + end + + snippet.author = current_user + + snippet.save + snippet + end +end |