Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/services/ci/pipeline_schedules/base_save_service.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/services/ci/pipeline_schedules/base_save_service.rb')
-rw-r--r--app/services/ci/pipeline_schedules/base_save_service.rb6
1 files changed, 5 insertions, 1 deletions
diff --git a/app/services/ci/pipeline_schedules/base_save_service.rb b/app/services/ci/pipeline_schedules/base_save_service.rb
index 45d70e5a65d..e6f633498e9 100644
--- a/app/services/ci/pipeline_schedules/base_save_service.rb
+++ b/app/services/ci/pipeline_schedules/base_save_service.rb
@@ -23,7 +23,11 @@ module Ci
attr_reader :project, :user, :params, :schedule
def allowed_to_save?
- user.can?(self.class::AUTHORIZE, schedule)
+ # Disable cache because the same ability may already have been checked
+ # for the same records with different attributes. For example, we do not
+ # want an unauthorized user to change an unprotected ref to a protected
+ # ref.
+ user.can?(self.class::AUTHORIZE, schedule, cache: false)
end
def forbidden_to_save
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-16 17:09:23 +0300