diff options
| author | Kamil Trzcinski <ayufan@ayufan.eu> | 2016-02-02 01:58:04 +0300 |
|---|---|---|
| committer | Kamil Trzcinski <ayufan@ayufan.eu> | 2016-02-02 11:18:08 +0300 |
| commit | 055afab5c7d33d061d339c270bd258ed847450f3 (patch) | |
| tree | e72ba0bc495456f3f106d23576810cec4238af21 /lib/api/triggers.rb | |
| parent | 7df149bb63c91792fb958db87b24bb120463a49e (diff) | |
Make the CI permission model simpler
This MR simplifies CI permission model:
- read_build: allows to read a list of builds, artifacts and trace
- update_build: allows to cancel and retry builds
- create_build: allows to create builds from gitlab-ci.yml (not yet implemented)
- admin_build: allows to manage triggers, runners and variables
- read_commit_status: allows to read a list of commit statuses (including the overall of builds)
- create_commit_status: allows to create a new commit status using API
Remove all extra methods to manage permission.
Made all controllers to use explicitly the new permissions.
Diffstat (limited to 'lib/api/triggers.rb')
| -rw-r--r-- | lib/api/triggers.rb | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/lib/api/triggers.rb b/lib/api/triggers.rb index 5e4964f446c..d1d07394e92 100644 --- a/lib/api/triggers.rb +++ b/lib/api/triggers.rb @@ -54,7 +54,7 @@ module API # GET /projects/:id/triggers get ':id/triggers' do authenticate! - authorize_admin_project + authorize! :admin_build, user_project triggers = user_project.triggers.includes(:trigger_requests) triggers = paginate(triggers) @@ -71,7 +71,7 @@ module API # GET /projects/:id/triggers/:token get ':id/triggers/:token' do authenticate! - authorize_admin_project + authorize! :admin_build, user_project trigger = user_project.triggers.find_by(token: params[:token].to_s) return not_found!('Trigger') unless trigger @@ -87,7 +87,7 @@ module API # POST /projects/:id/triggers post ':id/triggers' do authenticate! - authorize_admin_project + authorize! :admin_build, user_project trigger = user_project.triggers.create @@ -103,7 +103,7 @@ module API # DELETE /projects/:id/triggers/:token delete ':id/triggers/:token' do authenticate! - authorize_admin_project + authorize! :admin_build, user_project trigger = user_project.triggers.find_by(token: params[:token].to_s) return not_found!('Trigger') unless trigger |