diff options
Diffstat (limited to 'app/controllers/uploads_controller.rb')
-rw-r--r-- | app/controllers/uploads_controller.rb | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb index 4df0ef78907..97bbb96eae6 100644 --- a/app/controllers/uploads_controller.rb +++ b/app/controllers/uploads_controller.rb @@ -14,7 +14,8 @@ class UploadsController < ApplicationController "appearance" => Appearance, "personal_snippet" => PersonalSnippet, "projects/topic" => Projects::Topic, - nil => PersonalSnippet + 'alert_management_metric_image' => ::AlertManagement::MetricImage, + nil => PersonalSnippet }.freeze rescue_from UnknownUploadModelError, with: :render_404 @@ -26,7 +27,7 @@ class UploadsController < ApplicationController before_action :authorize_create_access!, only: [:create, :authorize] before_action :verify_workhorse_api!, only: [:authorize] - feature_category :not_owned + feature_category :not_owned # rubocop:todo Gitlab/AvoidFeatureCategoryNotOwned def self.model_classes MODEL_CLASSES @@ -56,6 +57,8 @@ class UploadsController < ApplicationController true when Projects::Topic true + when ::AlertManagement::MetricImage + can?(current_user, :read_alert_management_metric_image, model.alert) else can?(current_user, "read_#{model.class.underscore}".to_sym, model) end |