Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/controllers/organizations
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/organizations')
-rw-r--r--app/controllers/organizations/application_controller.rb15
-rw-r--r--app/controllers/organizations/organizations_controller.rb16
2 files changed, 23 insertions, 8 deletions
diff --git a/app/controllers/organizations/application_controller.rb b/app/controllers/organizations/application_controller.rb
index 568cfe6399d..d3c3e878bdf 100644
--- a/app/controllers/organizations/application_controller.rb
+++ b/app/controllers/organizations/application_controller.rb
@@ -2,7 +2,7 @@
module Organizations
class ApplicationController < ::ApplicationController
- skip_before_action :authenticate_user!
+ before_action :check_feature_flag!
before_action :organization
layout 'organization'
@@ -16,11 +16,16 @@ module Organizations
end
strong_memoize_attr :organization
- def authorize_action!(action)
- return if Feature.enabled?(:ui_for_organizations, current_user) &&
- can?(current_user, action, organization)
+ def check_feature_flag!
+ access_denied! unless Feature.enabled?(:ui_for_organizations, current_user)
+ end
+
+ def authorize_create_organization!
+ access_denied! unless can?(current_user, :create_organization)
+ end
- access_denied!
+ def authorize_read_organization!
+ access_denied! unless can?(current_user, :read_organization, organization)
end
end
end
diff --git a/app/controllers/organizations/organizations_controller.rb b/app/controllers/organizations/organizations_controller.rb
index 650ec97c264..88c6c9b3cef 100644
--- a/app/controllers/organizations/organizations_controller.rb
+++ b/app/controllers/organizations/organizations_controller.rb
@@ -4,10 +4,20 @@ module Organizations
class OrganizationsController < ApplicationController
feature_category :cell
- before_action { authorize_action!(:read_organization) }
+ skip_before_action :authenticate_user!, except: [:index, :new]
- def show; end
+ def index; end
- def groups_and_projects; end
+ def new
+ authorize_create_organization!
+ end
+
+ def show
+ authorize_read_organization!
+ end
+
+ def groups_and_projects
+ authorize_read_organization!
+ end
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-18 13:49:40 +0300