Commit 43463869 authored by Nick Thomas's avatar Nick Thomas

Merge branch 'extract-ee-specific-lines-for-issues-and-mr-controllers' into 'master'

Extract ee specific lines for issues and mr controllers

See merge request gitlab-org/gitlab-ce!22569
parents 81524689 ac4d838a
......@@ -9,12 +9,25 @@ class Projects::IssuesController < Projects::ApplicationController
include IssuesCalendar
include SpammableActions
prepend_before_action :authenticate_user!, only: [:new]
def self.authenticate_user_only_actions
%i[new]
end
def self.issue_except_actions
%i[index calendar new create bulk_update]
end
def self.set_issuables_index_only_actions
%i[index calendar]
end
prepend_before_action :authenticate_user!, only: authenticate_user_only_actions
before_action :whitelist_query_limiting, only: [:create, :create_merge_request, :move, :bulk_update]
before_action :check_issues_available!
before_action :issue, except: [:index, :calendar, :new, :create, :bulk_update]
before_action :set_issuables_index, only: [:index, :calendar]
before_action :issue, except: issue_except_actions
before_action :set_issuables_index, only: set_issuables_index_only_actions
# Allow write(create) issue
before_action :authorize_create_issue!, only: [:new, :create]
......
......@@ -168,7 +168,9 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
end
def merge
return access_denied! unless @merge_request.can_be_merged_by?(current_user)
access_check_result = merge_access_check
return access_check_result if access_check_result
status = merge!
......@@ -262,6 +264,12 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
return :failed
end
merge_service = ::MergeRequests::MergeService.new(@project, current_user, merge_params)
unless merge_service.hooks_validation_pass?(@merge_request)
return :hook_validation_error
end
return :sha_mismatch if params[:sha] != @merge_request.diff_head_sha
@merge_request.update(merge_error: nil, squash: merge_params.fetch(:squash, false))
......@@ -324,6 +332,10 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
access_denied! unless access_check
end
def merge_access_check
access_denied! unless @merge_request.can_be_merged_by?(current_user)
end
def whitelist_query_limiting
# Also see https://gitlab.com/gitlab-org/gitlab-ce/issues/42441
Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42438')
......
......@@ -49,6 +49,11 @@ module MergeRequests
end
end
# Overridden in EE.
def hooks_validation_pass?(_merge_request)
true
end
private
def error_check!
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment