Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorYorick Peterse <yorickpeterse@gmail.com>2019-01-24 15:49:34 +0300
committerYorick Peterse <yorickpeterse@gmail.com>2019-01-24 15:49:37 +0300
commitcb632a436287af838cfaa50a7fb12e5f10a1908a (patch)
treef649808105e5985c4a8f8216ec48a732ac47e1f3 /lib
parent5fc2d1559afd27a701d99c875a6fc804129cb103 (diff)
Merge branch 'security-11-6-test-permissions' into 'security-11-6'
[11.6] Pipelines section is available to unauthorized users See merge request gitlab/gitlabhq!2805 (cherry picked from commit 6f6e0e2ba7e8e2afe38e2d57883a8dfda0685d86) e5c0b597 Backport security fix 181c74a1 Add CHANGELONG entry
Diffstat (limited to 'lib')
-rw-r--r--lib/api/pipelines.rb6
1 files changed, 3 insertions, 3 deletions
diff --git a/lib/api/pipelines.rb b/lib/api/pipelines.rb
index 7a7b23d2bbb..0317d69edde 100644
--- a/lib/api/pipelines.rb
+++ b/lib/api/pipelines.rb
@@ -76,7 +76,7 @@ module API
requires :pipeline_id, type: Integer, desc: 'The pipeline ID'
end
get ':id/pipelines/:pipeline_id' do
- authorize! :read_pipeline, user_project
+ authorize! :read_pipeline, pipeline
present pipeline, with: Entities::Pipeline
end
@@ -104,7 +104,7 @@ module API
requires :pipeline_id, type: Integer, desc: 'The pipeline ID'
end
post ':id/pipelines/:pipeline_id/retry' do
- authorize! :update_pipeline, user_project
+ authorize! :update_pipeline, pipeline
pipeline.retry_failed(current_user)
@@ -119,7 +119,7 @@ module API
requires :pipeline_id, type: Integer, desc: 'The pipeline ID'
end
post ':id/pipelines/:pipeline_id/cancel' do
- authorize! :update_pipeline, user_project
+ authorize! :update_pipeline, pipeline
pipeline.cancel_running
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-09 11:44:54 +0300