BigW Consortium Gitlab

Commit b5c3ad75 by Douwe Maan

Merge branch 'backport-check-project-feature' into 'master'

Backport "check_project_feature_available!" from EE and use it for CE controllers See merge request !12305
parents 0551364c 8e5bf9d8
...@@ -53,9 +53,21 @@ class Projects::ApplicationController < ApplicationController ...@@ -53,9 +53,21 @@ class Projects::ApplicationController < ApplicationController
end end
end end
def check_project_feature_available!(feature)
render_404 unless project.feature_available?(feature, current_user)
end
def check_issuables_available!
render_404 unless project.feature_available?(:issues, current_user) ||
project.feature_available?(:merge_requests, current_user)
end
def method_missing(method_sym, *arguments, &block) def method_missing(method_sym, *arguments, &block)
if method_sym.to_s =~ /\Aauthorize_(.*)!\z/ case method_sym.to_s
when /\Aauthorize_(.*)!\z/
authorize_action!($1.to_sym) authorize_action!($1.to_sym)
when /\Acheck_(.*)_available!\z/
check_project_feature_available!($1.to_sym)
else else
super super
end end
......
class Projects::DiscussionsController < Projects::ApplicationController class Projects::DiscussionsController < Projects::ApplicationController
before_action :module_enabled before_action :check_merge_requests_available!
before_action :merge_request before_action :merge_request
before_action :discussion before_action :discussion
before_action :authorize_resolve_discussion! before_action :authorize_resolve_discussion!
...@@ -34,8 +34,4 @@ class Projects::DiscussionsController < Projects::ApplicationController ...@@ -34,8 +34,4 @@ class Projects::DiscussionsController < Projects::ApplicationController
def authorize_resolve_discussion! def authorize_resolve_discussion!
access_denied! unless discussion.can_resolve?(current_user) access_denied! unless discussion.can_resolve?(current_user)
end end
def module_enabled
render_404 unless @project.feature_available?(:merge_requests, current_user)
end
end end
...@@ -9,7 +9,7 @@ class Projects::IssuesController < Projects::ApplicationController ...@@ -9,7 +9,7 @@ class Projects::IssuesController < Projects::ApplicationController
prepend_before_action :authenticate_user!, only: [:new] prepend_before_action :authenticate_user!, only: [:new]
before_action :redirect_to_external_issue_tracker, only: [:index, :new] before_action :redirect_to_external_issue_tracker, only: [:index, :new]
before_action :module_enabled before_action :check_issues_available!
before_action :issue, except: [:index, :new, :create, :bulk_update] before_action :issue, except: [:index, :new, :create, :bulk_update]
# Allow write(create) issue # Allow write(create) issue
...@@ -250,7 +250,7 @@ class Projects::IssuesController < Projects::ApplicationController ...@@ -250,7 +250,7 @@ class Projects::IssuesController < Projects::ApplicationController
return render_404 unless can?(current_user, :push_code, @project) && @issue.can_be_worked_on?(current_user) return render_404 unless can?(current_user, :push_code, @project) && @issue.can_be_worked_on?(current_user)
end end
def module_enabled def check_issues_available!
return render_404 unless @project.feature_available?(:issues, current_user) && @project.default_issues_tracker? return render_404 unless @project.feature_available?(:issues, current_user) && @project.default_issues_tracker?
end end
......
class Projects::LabelsController < Projects::ApplicationController class Projects::LabelsController < Projects::ApplicationController
include ToggleSubscriptionAction include ToggleSubscriptionAction
before_action :module_enabled before_action :check_issuables_available!
before_action :label, only: [:edit, :update, :destroy, :promote] before_action :label, only: [:edit, :update, :destroy, :promote]
before_action :find_labels, only: [:index, :set_priorities, :remove_priority, :toggle_subscription] before_action :find_labels, only: [:index, :set_priorities, :remove_priority, :toggle_subscription]
before_action :authorize_read_label! before_action :authorize_read_label!
...@@ -135,12 +135,6 @@ class Projects::LabelsController < Projects::ApplicationController ...@@ -135,12 +135,6 @@ class Projects::LabelsController < Projects::ApplicationController
protected protected
def module_enabled
unless @project.feature_available?(:issues, current_user) || @project.feature_available?(:merge_requests, current_user)
return render_404
end
end
def label_params def label_params
params.require(:label).permit(:title, :description, :color) params.require(:label).permit(:title, :description, :color)
end end
......
...@@ -7,7 +7,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController ...@@ -7,7 +7,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
include ToggleAwardEmoji include ToggleAwardEmoji
include IssuableCollections include IssuableCollections
before_action :module_enabled before_action :check_merge_requests_available!
before_action :merge_request, only: [ before_action :merge_request, only: [
:edit, :update, :show, :diffs, :commits, :conflicts, :conflict_for_path, :pipelines, :merge, :edit, :update, :show, :diffs, :commits, :conflicts, :conflict_for_path, :pipelines, :merge,
:pipeline_status, :ci_environments_status, :toggle_subscription, :cancel_merge_when_pipeline_succeeds, :remove_wip, :resolve_conflicts, :assign_related_issues, :commit_change_content :pipeline_status, :ci_environments_status, :toggle_subscription, :cancel_merge_when_pipeline_succeeds, :remove_wip, :resolve_conflicts, :assign_related_issues, :commit_change_content
...@@ -461,10 +461,6 @@ class Projects::MergeRequestsController < Projects::ApplicationController ...@@ -461,10 +461,6 @@ class Projects::MergeRequestsController < Projects::ApplicationController
return render_404 unless @conflicts_list.can_be_resolved_by?(current_user) return render_404 unless @conflicts_list.can_be_resolved_by?(current_user)
end end
def module_enabled
return render_404 unless @project.feature_available?(:merge_requests, current_user)
end
def validates_merge_request def validates_merge_request
# Show git not found page # Show git not found page
# if there is no saved commits between source & target branch # if there is no saved commits between source & target branch
......
class Projects::MilestonesController < Projects::ApplicationController class Projects::MilestonesController < Projects::ApplicationController
include MilestoneActions include MilestoneActions
before_action :module_enabled before_action :check_issuables_available!
before_action :milestone, only: [:edit, :update, :destroy, :show, :merge_requests, :participants, :labels] before_action :milestone, only: [:edit, :update, :destroy, :show, :merge_requests, :participants, :labels]
# Allow read any milestone # Allow read any milestone
...@@ -95,12 +95,6 @@ class Projects::MilestonesController < Projects::ApplicationController ...@@ -95,12 +95,6 @@ class Projects::MilestonesController < Projects::ApplicationController
return render_404 unless can?(current_user, :admin_milestone, @project) return render_404 unless can?(current_user, :admin_milestone, @project)
end end
def module_enabled
unless @project.feature_available?(:issues, current_user) || @project.feature_available?(:merge_requests, current_user)
return render_404
end
end
def milestone_params def milestone_params
params.require(:milestone).permit(:title, :description, :start_date, :due_date, :state_event) params.require(:milestone).permit(:title, :description, :start_date, :due_date, :state_event)
end end
......
...@@ -5,7 +5,7 @@ class Projects::SnippetsController < Projects::ApplicationController ...@@ -5,7 +5,7 @@ class Projects::SnippetsController < Projects::ApplicationController
include SnippetsActions include SnippetsActions
include RendersBlob include RendersBlob
before_action :module_enabled before_action :check_snippets_available!
before_action :snippet, only: [:show, :edit, :destroy, :update, :raw, :toggle_award_emoji, :mark_as_spam] before_action :snippet, only: [:show, :edit, :destroy, :update, :raw, :toggle_award_emoji, :mark_as_spam]
# Allow read any snippet # Allow read any snippet
...@@ -102,10 +102,6 @@ class Projects::SnippetsController < Projects::ApplicationController ...@@ -102,10 +102,6 @@ class Projects::SnippetsController < Projects::ApplicationController
return render_404 unless can?(current_user, :admin_project_snippet, @snippet) return render_404 unless can?(current_user, :admin_project_snippet, @snippet)
end end
def module_enabled
return render_404 unless @project.feature_available?(:snippets, current_user)
end
def snippet_params def snippet_params
params.require(:project_snippet).permit(:title, :content, :file_name, :private, :visibility_level, :description) params.require(:project_snippet).permit(:title, :content, :file_name, :private, :visibility_level, :description)
end end
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment