Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/controllers/projects/settings
diff options
context:
space:
mode:
Diffstat (limited to 'app/controllers/projects/settings')
-rw-r--r--app/controllers/projects/settings/access_tokens_controller.rb9
-rw-r--r--app/controllers/projects/settings/ci_cd_controller.rb3
-rw-r--r--app/controllers/projects/settings/operations_controller.rb1
-rw-r--r--app/controllers/projects/settings/repository_controller.rb1
4 files changed, 10 insertions, 4 deletions
diff --git a/app/controllers/projects/settings/access_tokens_controller.rb b/app/controllers/projects/settings/access_tokens_controller.rb
index 74350147825..e3bb8c616df 100644
--- a/app/controllers/projects/settings/access_tokens_controller.rb
+++ b/app/controllers/projects/settings/access_tokens_controller.rb
@@ -5,7 +5,10 @@ module Projects
class AccessTokensController < Projects::ApplicationController
include ProjectsHelper
- before_action :check_feature_availability
+ layout 'project_settings'
+ before_action -> { check_permission(:read_resource_access_tokens) }, only: [:index]
+ before_action -> { check_permission(:destroy_resource_access_tokens) }, only: [:revoke]
+ before_action -> { check_permission(:create_resource_access_tokens) }, only: [:create]
feature_category :authentication_and_authorization
@@ -42,8 +45,8 @@ module Projects
private
- def check_feature_availability
- render_404 unless project_access_token_available?(@project)
+ def check_permission(action)
+ render_404 unless can?(current_user, action, @project)
end
def create_params
diff --git a/app/controllers/projects/settings/ci_cd_controller.rb b/app/controllers/projects/settings/ci_cd_controller.rb
index 34b11c456b9..1a465406660 100644
--- a/app/controllers/projects/settings/ci_cd_controller.rb
+++ b/app/controllers/projects/settings/ci_cd_controller.rb
@@ -7,6 +7,7 @@ module Projects
NUMBER_OF_RUNNERS_PER_PAGE = 20
+ layout 'project_settings'
before_action :authorize_admin_pipeline!
before_action :define_variables
before_action do
@@ -61,7 +62,7 @@ module Projects
end
def runner_setup_scripts
- private_runner_setup_scripts(project: @project)
+ private_runner_setup_scripts
end
private
diff --git a/app/controllers/projects/settings/operations_controller.rb b/app/controllers/projects/settings/operations_controller.rb
index c407b15e29f..a05793a0283 100644
--- a/app/controllers/projects/settings/operations_controller.rb
+++ b/app/controllers/projects/settings/operations_controller.rb
@@ -3,6 +3,7 @@
module Projects
module Settings
class OperationsController < Projects::ApplicationController
+ layout 'project_settings'
before_action :authorize_admin_operations!
before_action :authorize_read_prometheus_alerts!, only: [:reset_alerting_token]
diff --git a/app/controllers/projects/settings/repository_controller.rb b/app/controllers/projects/settings/repository_controller.rb
index 821560e32ba..bb5ad8e9aea 100644
--- a/app/controllers/projects/settings/repository_controller.rb
+++ b/app/controllers/projects/settings/repository_controller.rb
@@ -3,6 +3,7 @@
module Projects
module Settings
class RepositoryController < Projects::ApplicationController
+ layout 'project_settings'
before_action :authorize_admin_project!
before_action :define_variables, only: [:create_deploy_token]
before_action do
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-15 10:15:28 +0300