Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/concerns/milestone_actions.rb2
-rw-r--r--app/controllers/groups/milestones_controller.rb12
-rw-r--r--app/controllers/omniauth_callbacks_controller.rb9
-rw-r--r--app/controllers/sent_notifications_controller.rb6
4 files changed, 21 insertions, 8 deletions
diff --git a/app/controllers/concerns/milestone_actions.rb b/app/controllers/concerns/milestone_actions.rb
index 8b8b7db72f8..1ead631663e 100644
--- a/app/controllers/concerns/milestone_actions.rb
+++ b/app/controllers/concerns/milestone_actions.rb
@@ -20,7 +20,7 @@ module MilestoneActions
format.html { redirect_to milestone_redirect_path }
format.json do
render json: tabs_json("shared/milestones/_participants_tab", {
- users: @milestone.participants # rubocop:disable Gitlab/ModuleWithInstanceVariables
+ users: @milestone.issue_participants_visible_by_user(current_user) # rubocop:disable Gitlab/ModuleWithInstanceVariables
})
end
end
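Review bot: `current_user` is passed straight into `issue_participants_visible_by_user`, and it will presumably be nil for an unauthenticated viewer of a public milestone. The model method is not part of this diff, so confirm it treats nil as an anonymous viewer rather than raising or returning every participant. The method name also suggests only issue participants are returned, while the tab is the generic participants tab, so a comment above the `users:` line would help: `# Limit the tab to participants of issues current_user is allowed to see`. The enclosing `respond_to` block starts outside the hunk.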
diff --git a/app/controllers/groups/milestones_controller.rb b/app/controllers/groups/milestones_controller.rb
index 58df6f66d50..1eacae06457 100644
--- a/app/controllers/groups/milestones_controller.rb
+++ b/app/controllers/groups/milestones_controller.rb
@@ -3,14 +3,13 @@
class Groups::MilestonesController < Groups::ApplicationController
include MilestoneActions
- before_action :group_projects
before_action :milestone, only: [:edit, :show, :update, :merge_requests, :participants, :labels, :destroy]
before_action :authorize_admin_milestones!, only: [:edit, :new, :create, :update, :destroy]
def index
respond_to do |format|
format.html do
- @milestone_states = Milestone.states_count(group_projects, [group])
+ @milestone_states = Milestone.states_count(group_projects_with_access, [group])
@milestones = Kaminari.paginate_array(milestones).page(params[:page])
end
format.json do
@@ -100,13 +99,18 @@ class Groups::MilestonesController < Groups::ApplicationController
end
def legacy_milestones
- GroupMilestone.build_collection(group, group_projects, params)
+ GroupMilestone.build_collection(group, group_projects_with_access, params)
+ end
+
+ def group_projects_with_access
+ group_projects.with_issues_available_for_user(current_user)
+ .or(group_projects.with_merge_requests_available_for_user(current_user))
end
def milestone
@milestone =
if params[:title]
- GroupMilestone.build(group, group_projects, params[:title])
+ GroupMilestone.build(group, group_projects_with_access, params[:title])
else
group.milestones.find_by_iid(params[:id])
end
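Review bot: `group_projects_with_access` keeps a project when the user can see either its issues or its merge requests, so a project admitted through merge-request access alone still feeds `GroupMilestone.build_collection` and `GroupMilestone.build` here, and `Milestone.states_count` in the first hunk of this file. Whether the issue counts and lists derived from those projects are filtered again per feature is not visible in this diff; if they are not, issue data from a project whose issues the user cannot see could still surface in the aggregate. I would state the intent above the helper, e.g. `# Projects where current_user can read issues OR merge requests; per-feature filtering is done in <finder name>`, and cover the mixed-access case in a spec. The helper also rebuilds the relation on every call, so memoizing it would be reasonable if a request reaches it more than once. The `milestone` method continues past the end of the hunk.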
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
index ee2cf47d5cb..755ce3463c4 100644
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ b/app/controllers/omniauth_callbacks_controller.rb
@@ -40,6 +40,8 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
def saml
omniauth_flow(Gitlab::Auth::Saml)
+ rescue Gitlab::Auth::Saml::IdentityLinker::UnverifiedRequest
+ redirect_unverified_saml_initiation
end
def omniauth_error
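Review bot: The new `rescue` in `saml` turns a rejected link attempt into a plain redirect without recording it, so a request that failed verification leaves no trace for anyone investigating later. A log line before the redirect, for example `Rails.logger.warn("SAML identity link rejected as unverified for user_id=#{current_user&.id}")`, would make these attempts visible to monitoring. The rescue also covers everything `omniauth_flow` does, not only the linker; that is harmless as long as only the linker raises this class, which cannot be checked from this hunk.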
@@ -92,8 +94,7 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
return render_403 unless link_provider_allowed?(oauth['provider'])
log_audit_event(current_user, with: oauth['provider'])
-
- identity_linker ||= auth_module::IdentityLinker.new(current_user, oauth)
+ identity_linker ||= auth_module::IdentityLinker.new(current_user, oauth, session)
link_identity(identity_linker)
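Review bot: Because of the `||=`, the `session` argument only reaches a linker constructed on this line; if `identity_linker` is already set before this point (its origin is outside the hunk), that linker never receives the session and whatever verification it enables would not run on that path. Confirm that every linker supplied from elsewhere performs an equivalent check, and say so at the call site, e.g. `# session is passed so the linker can verify the link request; injected linkers must do their own verification`. Separately, `log_audit_event` runs before the linker is built, so an attempt later rejected as unverified may already have produced an audit entry; what that entry records is not visible here. The enclosing method starts and ends outside the hunk.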
@@ -194,6 +195,10 @@ class OmniauthCallbacksController < Devise::OmniauthCallbacksController
redirect_to new_user_session_path
end
+ def redirect_unverified_saml_initiation
+ redirect_to profile_account_path, notice: _('Request to link SAML account must be authorized')
+ end
+
def handle_disabled_provider
label = Gitlab::Auth::OAuth::Provider.label_for(oauth['provider'])
flash[:alert] = _("Signing in using %{label} has been disabled") % { label: label }
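Review bot: `redirect_unverified_saml_initiation` reports a refused action through `notice:`, while `handle_disabled_provider` directly below it uses `flash[:alert]` for a comparable failure, so the refusal will be presented as an informational message. I would write `redirect_to profile_account_path, alert: _('Request to link SAML account must be authorized')` so the user sees it as an error. `handle_disabled_provider` continues outside the hunk.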
diff --git a/app/controllers/sent_notifications_controller.rb b/app/controllers/sent_notifications_controller.rb
index 51a67cd2e3b..893f5145e99 100644
--- a/app/controllers/sent_notifications_controller.rb
+++ b/app/controllers/sent_notifications_controller.rb
@@ -19,7 +19,11 @@ class SentNotificationsController < ApplicationController
flash[:notice] = _("You have been unsubscribed from this thread.")
if current_user
- redirect_to noteable_path(noteable)
+ if current_user.can?(:"read_#{noteable.class.to_ability_name}", noteable)
+ redirect_to noteable_path(noteable)
+ else
+ redirect_to root_path
+ end
else
redirect_to new_user_session_path
end
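Review bot: The ability name is assembled from `noteable.class.to_ability_name`, so the redirect depends on every noteable class having a matching `read_*` ability; a class without one would presumably be denied and sent to `root_path` even when the user can read the object. A spec per noteable type would pin that behaviour. The reason for the check also deserves a line above it, e.g. `# Only redirect to the noteable when the user may read it; otherwise the redirect target would reveal that it exists`. The action starts and ends outside the hunk.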