Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
bb6f2467
Commit
bb6f2467
authored
Jun 14, 2016
by
Kamil Trzcinski
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Authorize environments controller actions
parent
e129f66d
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
48 additions
and
2 deletions
+48
-2
app/controllers/projects/environments_controller.rb
app/controllers/projects/environments_controller.rb
+2
-0
app/views/projects/environments/new.html.haml
app/views/projects/environments/new.html.haml
+1
-1
app/views/projects/environments/show.html.haml
app/views/projects/environments/show.html.haml
+2
-1
spec/features/security/project/public_access_spec.rb
spec/features/security/project/public_access_spec.rb
+43
-0
No files found.
app/controllers/projects/environments_controller.rb
View file @
bb6f2467
class
Projects::EnvironmentsController
<
Projects
::
ApplicationController
layout
'project'
before_action
:authorize_read_environment!
before_action
:authorize_create_environment!
,
only:
[
:new
,
:create
]
before_action
:authorize_update_environment!
,
only:
[
:destroy
]
before_action
:environment
,
only:
[
:show
,
:destroy
]
def
index
...
...
app/views/projects/environments/new.html.haml
View file @
bb6f2467
...
...
@@ -9,7 +9,7 @@
=
form_for
@environment
,
url:
namespace_project_environments_path
(
@project
.
namespace
,
@project
),
html:
{
id:
"new-environment-form"
,
class:
"col-lg-9 js-new-environment-form js-requires-input"
}
do
|
f
|
=
form_errors
(
@environment
)
.form-group
=
f
.
label
:
ref
,
'Environment name'
,
class:
'label-light'
=
f
.
label
:
name
,
'Environment name'
,
class:
'label-light'
=
f
.
text_field
:name
,
required:
true
,
class:
'form-control'
=
f
.
submit
'Create environment'
,
class:
'btn btn-create'
=
link_to
"Cancel"
,
namespace_project_environments_path
(
@project
.
namespace
,
@project
),
class:
"btn btn-cancel"
app/views/projects/environments/show.html.haml
View file @
bb6f2467
...
...
@@ -9,7 +9,8 @@
.col-md-3
.nav-controls
=
link_to
'Destroy'
,
namespace_project_environment_path
(
@project
.
namespace
,
@project
,
@environment
),
data:
{
confirm:
'Are you sure?'
},
class:
'btn btn-danger'
,
method: :delete
-
if
can?
(
current_user
,
:update_environment
,
@project
)
=
link_to
'Destroy'
,
namespace_project_environment_path
(
@project
.
namespace
,
@project
,
@environment
),
data:
{
confirm:
'Are you sure?'
},
class:
'btn btn-danger'
,
method: :delete
-
if
@deployments
.
blank?
%ul
.content-list
...
...
spec/features/security/project/public_access_spec.rb
View file @
bb6f2467
...
...
@@ -175,6 +175,49 @@ describe "Public Project Access", feature: true do
end
end
describe
"GET /:project_path/environments"
do
subject
{
namespace_project_environments_path
(
project
.
namespace
,
project
)
}
it
{
is_expected
.
to
be_allowed_for
:admin
}
it
{
is_expected
.
to
be_allowed_for
owner
}
it
{
is_expected
.
to
be_allowed_for
master
}
it
{
is_expected
.
to
be_allowed_for
developer
}
it
{
is_expected
.
to
be_allowed_for
reporter
}
it
{
is_expected
.
to
be_denied_for
guest
}
it
{
is_expected
.
to
be_denied_for
:user
}
it
{
is_expected
.
to
be_denied_for
:external
}
it
{
is_expected
.
to
be_denied_for
:visitor
}
end
describe
"GET /:project_path/environments/:id"
do
let
(
:environment
)
{
create
(
:environment
,
project:
project
)
}
subject
{
namespace_project_environments_path
(
project
.
namespace
,
project
,
environment
)
}
it
{
is_expected
.
to
be_allowed_for
:admin
}
it
{
is_expected
.
to
be_allowed_for
owner
}
it
{
is_expected
.
to
be_allowed_for
master
}
it
{
is_expected
.
to
be_allowed_for
developer
}
it
{
is_expected
.
to
be_allowed_for
reporter
}
it
{
is_expected
.
to
be_denied_for
guest
}
it
{
is_expected
.
to
be_denied_for
:user
}
it
{
is_expected
.
to
be_denied_for
:external
}
it
{
is_expected
.
to
be_denied_for
:visitor
}
end
describe
"GET /:project_path/environments/new"
do
subject
{
new_namespace_project_environment_path
(
project
.
namespace
,
project
)
}
it
{
is_expected
.
to
be_allowed_for
:admin
}
it
{
is_expected
.
to
be_allowed_for
owner
}
it
{
is_expected
.
to
be_allowed_for
master
}
it
{
is_expected
.
to
be_allowed_for
developer
}
it
{
is_expected
.
to
be_denied_for
reporter
}
it
{
is_expected
.
to
be_denied_for
guest
}
it
{
is_expected
.
to
be_denied_for
:user
}
it
{
is_expected
.
to
be_denied_for
:external
}
it
{
is_expected
.
to
be_denied_for
:visitor
}
end
describe
"GET /:project_path/blob"
do
let
(
:commit
)
{
project
.
repository
.
commit
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment