Commit 43463869 authored by Nick Thomas's avatar Nick Thomas

Merge branch 'extract-ee-specific-lines-for-issues-and-mr-controllers' into 'master'

Extract ee specific lines for issues and mr controllers

See merge request gitlab-org/gitlab-ce!22569
parents 81524689 ac4d838a
...@@ -9,12 +9,25 @@ class Projects::IssuesController < Projects::ApplicationController ...@@ -9,12 +9,25 @@ class Projects::IssuesController < Projects::ApplicationController
include IssuesCalendar include IssuesCalendar
include SpammableActions include SpammableActions
prepend_before_action :authenticate_user!, only: [:new] def self.authenticate_user_only_actions
%i[new]
end
def self.issue_except_actions
%i[index calendar new create bulk_update]
end
def self.set_issuables_index_only_actions
%i[index calendar]
end
prepend_before_action :authenticate_user!, only: authenticate_user_only_actions
before_action :whitelist_query_limiting, only: [:create, :create_merge_request, :move, :bulk_update] before_action :whitelist_query_limiting, only: [:create, :create_merge_request, :move, :bulk_update]
before_action :check_issues_available! before_action :check_issues_available!
before_action :issue, except: [:index, :calendar, :new, :create, :bulk_update] before_action :issue, except: issue_except_actions
before_action :set_issuables_index, only: [:index, :calendar]
before_action :set_issuables_index, only: set_issuables_index_only_actions
# Allow write(create) issue # Allow write(create) issue
before_action :authorize_create_issue!, only: [:new, :create] before_action :authorize_create_issue!, only: [:new, :create]
......
...@@ -168,7 +168,9 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo ...@@ -168,7 +168,9 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
end end
def merge def merge
return access_denied! unless @merge_request.can_be_merged_by?(current_user) access_check_result = merge_access_check
return access_check_result if access_check_result
status = merge! status = merge!
...@@ -262,6 +264,12 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo ...@@ -262,6 +264,12 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
return :failed return :failed
end end
merge_service = ::MergeRequests::MergeService.new(@project, current_user, merge_params)
unless merge_service.hooks_validation_pass?(@merge_request)
return :hook_validation_error
end
return :sha_mismatch if params[:sha] != @merge_request.diff_head_sha return :sha_mismatch if params[:sha] != @merge_request.diff_head_sha
@merge_request.update(merge_error: nil, squash: merge_params.fetch(:squash, false)) @merge_request.update(merge_error: nil, squash: merge_params.fetch(:squash, false))
...@@ -324,6 +332,10 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo ...@@ -324,6 +332,10 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
access_denied! unless access_check access_denied! unless access_check
end end
def merge_access_check
access_denied! unless @merge_request.can_be_merged_by?(current_user)
end
def whitelist_query_limiting def whitelist_query_limiting
# Also see https://gitlab.com/gitlab-org/gitlab-ce/issues/42441 # Also see https://gitlab.com/gitlab-org/gitlab-ce/issues/42441
Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42438') Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42438')
......
...@@ -49,6 +49,11 @@ module MergeRequests ...@@ -49,6 +49,11 @@ module MergeRequests
end end
end end
# Overridden in EE.
def hooks_validation_pass?(_merge_request)
true
end
private private
def error_check! def error_check!
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment