module Ci class ProjectsController < ::ApplicationController before_action :project before_action :no_cache, only: [:badge] before_action :authorize_read_project!, except: [:badge, :index] skip_before_action :authenticate_user!, only: [:badge] protect_from_forgery def index redirect_to root_path end def show # Temporary compatibility with CI badges pointing to CI project page redirect_to namespace_project_path(project.namespace, project) end # Project status badge # Image with build status for sha or ref # # This action in DEPRECATED, this is here only for backwards compatibility # with projects migrated from GitLab CI. # def badge return render_404 unless @project image = Ci::ImageForBuildService.new.execute(@project, params) send_file image.path, filename: image.name, disposition: 'inline', type: "image/svg+xml" end protected def project @project ||= Project.find_by(ci_id: params[:id].to_i) end def no_cache response.headers["Cache-Control"] = "no-cache, no-store, max-age=0, must-revalidate" response.headers["Pragma"] = "no-cache" response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT" end def authorize_read_project! return access_denied! unless can?(current_user, :read_project, project) end end end