Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/concerns/milestone_actions.rb | 2 | ||||
-rw-r--r-- | app/controllers/groups/milestones_controller.rb | 12 | ||||
-rw-r--r-- | app/controllers/omniauth_callbacks_controller.rb | 9 | ||||
-rw-r--r-- | app/controllers/sent_notifications_controller.rb | 6 |
4 files changed, 21 insertions, 8 deletions
diff --git a/app/controllers/concerns/milestone_actions.rb b/app/controllers/concerns/milestone_actions.rb
index 8b8b7db72f8..1ead631663e 100644
--- a/app/controllers/concerns/milestone_actions.rb
+++ b/app/controllers/concerns/milestone_actions.rb
@@ -20,7 +20,7 @@ module MilestoneActions
 format.html { redirect_to milestone_redirect_path }
 format.json do
 render json: tabs_json("shared/milestones/_participants_tab", {
- users: @milestone.participants # rubocop:disable Gitlab/ModuleWithInstanceVariables
+ users: @milestone.issue_participants_visible_by_user(current_user) # rubocop:disable Gitlab/ModuleWithInstanceVariables
 })
 end
 end
diff --git a/app/controllers/groups/milestones_controller.rb b/app/controllers/groups/milestones_controller.rb
index 58df6f66d50..1eacae06457 100644
--- a/app/controllers/groups/milestones_controller.rb
+++ b/app/controllers/groups/milestones_controller.rb
@@ -3,14 +3,13 @@ class Groups::MilestonesController < Groups::ApplicationController
 include MilestoneActions
- before_action :group_projects
 before_action :milestone, only: [:edit, :show, :update, :merge_requests, :participants, :labels, :destroy]
 before_action :authorize_admin_milestones!, only: [:edit, :new, :create, :update, :destroy]
 def index
 respond_to do |format|
 format.html do
- @milestone_states = Milestone.states_count(group_projects, [group])
+ @milestone_states = Milestone.states_count(group_projects_with_access, [group])
 @milestones = Kaminari.paginate_array(milestones).page(params[:page])
 end
 format.json do
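Review bot: The participants tab in `MilestoneActions` now passes `current_user` straight into `issue_participants_visible_by_user`, and if this action is reachable without a signed-in user (for example on a public milestone) the model method has to accept `nil`. That method is not shown in this hunk; it is worth confirming that it treats `nil` as an anonymous viewer, and covering the JSON response with a spec for a signed-out request and for a user who cannot read confidential issues. A short comment above the line, e.g. `# Only participants of issues the viewer can read are listed`, would explain why the plain `participants` call is no longer used.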
@@ -100,13 +99,18 @@ class Groups::MilestonesController < Groups::ApplicationController
 end
 def legacy_milestones
- GroupMilestone.build_collection(group, group_projects, params)
+ GroupMilestone.build_collection(group, group_projects_with_access, params)
+ end
+
+ def group_projects_with_access
+ group_projects.with_issues_available_for_user(current_user)
+ .or(group_projects.with_merge_requests_available_for_user(current_user))
 end
 def milestone
 @milestone = if params[:title]
- GroupMilestone.build(group, group_projects, params[:title])
+ GroupMilestone.build(group, group_projects_with_access, params[:title])
 else
 group.milestones.find_by_iid(params[:id])
 end
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index ee2cf47d5cb..755ce3463c4 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -40,6 +40,8 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
 def saml
 omniauth_flow(Gitlab::Auth::Saml)
+ rescue Gitlab::Auth::Saml::IdentityLinker::UnverifiedRequest
+ redirect_unverified_saml_initiation
 end
 def omniauth_error
@@ -92,8 +94,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
 return render_403 unless link_provider_allowed?(oauth['provider'])
 log_audit_event(current_user, with: oauth['provider'])
-
- identity_linker ||= auth_module::IdentityLinker.new(current_user, oauth)
+ identity_linker ||= auth_module::IdentityLinker.new(current_user, oauth, session)
 link_identity(identity_linker)
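Review bot: `group_projects_with_access` rebuilds the combined relation on every call and carries no comment saying which visibility rule it enforces; it is called from `index` (in the earlier hunk of this file), `legacy_milestones` and `milestone`. Memoizing the result in an instance variable (`@group_projects_with_access ||= ...`) keeps all callers on one relation, and a one-line comment such as `# Projects in the group where current_user can see issues or merge requests` documents the intent. ActiveRecord's `or` raises when its two sides are structurally incompatible, so if either scope (neither is visible here) adds a join or clause the other lacks, this fails at request time; a controller spec for a group whose projects have mixed feature visibility would catch that.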
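Review bot: The new `rescue` in `saml` turns a refused link attempt into a plain redirect and records nothing, so a SAML response that tries to link an identity without a verified initiating request leaves no trace for detection or incident review. Logging a warning with the user id and provider in the rescue branch, before `redirect_unverified_saml_initiation`, would close that gap. In the `@@ -92,8 +94,7 @@` hunk, `log_audit_event(current_user, with: oauth['provider'])` also runs before the linker is built, so if the linker is what raises `UnverifiedRequest` (its code is not shown here) the audit trail records an authentication event for a request that was then refused.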
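Review bot: `identity_linker ||=` assigns a local that cannot already be set in the visible lines, so the `||=` reads as memoization that is not there; `identity_linker = auth_module::IdentityLinker.new(current_user, oauth, session)` says what actually happens. Because `auth_module` varies by provider, every provider's `IdentityLinker` must now accept the third argument, which this hunk does not show. The linker is also handed the entire `session`; a comment naming what it reads from the session would help the next reader judge that coupling. The enclosing method starts and ends outside the hunk.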
@@ -194,6 +195,10 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
 redirect_to new_user_session_path
 end
+ def redirect_unverified_saml_initiation
+ redirect_to profile_account_path, notice: _('Request to link SAML account must be authorized')
+ end
+
 def handle_disabled_provider
 label = Gitlab::Auth::OAuth::Provider.label_for(oauth['provider'])
 flash[:alert] = _("Signing in using %{label} has been disabled") % { label: label }
diff --git a/app/controllers/sent_notifications_controller.rb b/app/controllers/sent_notifications_controller.rb
index 51a67cd2e3b..893f5145e99 100644
--- a/app/controllers/sent_notifications_controller.rb
+++ b/app/controllers/sent_notifications_controller.rb
@@ -19,7 +19,11 @@ class SentNotificationsController < ApplicationController
 flash[:notice] = _("You have been unsubscribed from this thread.")
 if current_user
- redirect_to noteable_path(noteable)
+ if current_user.can?(:"read_#{noteable.class.to_ability_name}", noteable)
+ redirect_to noteable_path(noteable)
+ else
+ redirect_to root_path
+ end
 else
 redirect_to new_user_session_path
 end
|
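Review bot: `redirect_unverified_saml_initiation` reports a refused request with `notice:`, while `handle_disabled_provider` directly below uses `flash[:alert]` for a comparable failure. `redirect_to profile_account_path, alert: _('Request to link SAML account must be authorized')` would present it as an error and match the neighbouring helper.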
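Review bot: The ability name in `current_user.can?(:"read_#{noteable.class.to_ability_name}", noteable)` is assembled from the noteable's class, so any noteable type without a matching `read_*` ability would fall through to `redirect_to root_path` even for users who can see it. A spec for each noteable type a sent notification can reference would pin this down, and a comment such as `# Do not reveal the noteable's path to users who can no longer read it` would explain the new branch. The flash notice is set before the permission check, which looks intended if unsubscribing should still work after access is lost, but the unsubscribe call itself is not shown. The method body starts outside the hunk.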