Commit 6f894bec authored by Grzegorz Bizon's avatar Grzegorz Bizon

Add definition of before action that has been moved

Closes #14528
parent 63c8a05b
......@@ -7,6 +7,7 @@ v 8.7.0 (unreleased)
v 8.6.2 (unreleased)
- Comments on confidential issues don't show up in activity feed to non-members
- Fix NoMethodError when visiting CI root path at `/ci`
v 8.6.1
- Add option to reload the schema before restoring a database backup. !2807
......
module Ci
class ProjectsController < Ci::ApplicationController
before_action :project
before_action :authorize_read_project!, except: [:badge]
before_action :no_cache, only: [:badge]
before_action :authorize_read_project!, except: [:badge, :index]
skip_before_action :authenticate_user!, only: [:badge]
protect_from_forgery
......@@ -35,5 +35,9 @@ module Ci
response.headers["Pragma"] = "no-cache"
response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT"
end
def authorize_read_project!
return access_denied! unless can?(current_user, :read_project, project)
end
end
end
......@@ -5,6 +5,16 @@ describe Ci::ProjectsController do
let!(:project) { create(:project, visibility, ci_id: 1) }
let(:ci_id) { project.ci_id }
describe '#index' do
let(:user) { create(:user) }
before { sign_in(user) }
before { get(:index) }
it 'returns 200' do
expect(response.status).to eq 200
end
end
##
# Specs for *deprecated* CI badge
#
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment