Diffstat (limited to 'lib/api')
-rw-r--r-- | lib/api/commit_statuses.rb | 2 | ||||
-rw-r--r-- | lib/api/helpers.rb | 10 |
2 files changed, 12 insertions, 0 deletions
diff --git a/lib/api/commit_statuses.rb b/lib/api/commit_statuses.rb
index d108c811f4b..e0a6dc41b65 100644
--- a/lib/api/commit_statuses.rb
+++ b/lib/api/commit_statuses.rb
@@ -85,6 +85,8 @@ module API
 protected: @project.protected_for?(ref))
 end
+ authorize! :update_pipeline, pipeline
+
 status = GenericCommitStatus.running_or_pending.find_or_initialize_by(
 project: @project,
 pipeline: pipeline,
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 37cb6d6a639..7ae19ab514b 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -256,11 +256,21 @@ module API
 end
 def require_gitlab_workhorse!
+ verify_workhorse_api!
+
 unless env['HTTP_GITLAB_WORKHORSE'].present?
 forbidden!('Request should be executed via GitLab Workhorse')
 end
 end
+ def verify_workhorse_api!
+ Gitlab::Workhorse.verify_api_request!(request.headers)
+ rescue => e
+ Gitlab::ErrorTracking.track_exception(e)
+
+ forbidden!
+ end
+
 def require_pages_enabled!
 not_found! unless user_project.pages_available?
 end |
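Review bot: In lib/api/commit_statuses.rb the new `authorize! :update_pipeline, pipeline` runs only after the block that ends just above it. Judging by the trailing `protected: @project.protected_for?(ref))` argument, that block appears to create the pipeline when none exists. If so, a caller who then fails the check has already caused a record to be written before the 403 is returned. The enclosing endpoint starts outside this hunk, so this needs confirming against the full body. If the ability can only be evaluated on a pipeline object, say so at the call site with `# authorize after lookup/creation: the ability is evaluated on the pipeline itself`, and consider building the pipeline unsaved or wrapping creation and check in one transaction. A request spec asserting both the 403 and that no pipeline or status is persisted for the rejected caller would pin the behaviour.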
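Review bot: In lib/api/helpers.rb the bare `rescue => e` in `verify_workhorse_api!` turns every StandardError from `Gitlab::Workhorse.verify_api_request!` into a 403. That includes failures unrelated to the caller, such as a missing or unreadable shared secret, so a deployment fault would look like a stream of forbidden requests. Failing closed is the right default, but rescue the specific verification error the helper raises and let other errors surface, or at least record the intent with `# fail closed: any verification error is reported and answered with 403`. Each rejected request is also sent to `Gitlab::ErrorTracking.track_exception`, so unauthenticated traffic to these endpoints can generate unbounded error reports; logging expected signature failures at a lower severity would keep them from drowning out real faults. The older `env['HTTP_GITLAB_WORKHORSE'].present?` check that follows only proves the header is present; a one-line comment on `require_gitlab_workhorse!` should say that the signed-request verification is the actual control.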