Commit 5a4ebfb4 authored by Jeroen van Baarsen's avatar Jeroen van Baarsen

Fixed the Rails/ActionFilter cop

Signed-off-by: default avatarJeroen van Baarsen <jeroenvanbaarsen@gmail.com>
parent 76aade28
No related merge requests found
...@@ -954,7 +954,7 @@ Lint/Void: ...@@ -954,7 +954,7 @@ Lint/Void:
Rails/ActionFilter: Rails/ActionFilter:
Description: 'Enforces consistent use of action filter methods.' Description: 'Enforces consistent use of action filter methods.'
Enabled: false Enabled: true
Rails/DefaultScope: Rails/DefaultScope:
Description: 'Checks if the argument passed to default_scope is a block.' Description: 'Checks if the argument passed to default_scope is a block.'
......
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
# Automatically sets the layout and ensures an administrator is logged in # Automatically sets the layout and ensures an administrator is logged in
class Admin::ApplicationController < ApplicationController class Admin::ApplicationController < ApplicationController
layout 'admin' layout 'admin'
before_filter :authenticate_admin! before_action :authenticate_admin!
def authenticate_admin! def authenticate_admin!
return render_404 unless current_user.is_admin? return render_404 unless current_user.is_admin?
......
class Admin::ApplicationSettingsController < Admin::ApplicationController class Admin::ApplicationSettingsController < Admin::ApplicationController
before_filter :set_application_setting before_action :set_application_setting
def show def show
end end
......
class Admin::BroadcastMessagesController < Admin::ApplicationController class Admin::BroadcastMessagesController < Admin::ApplicationController
before_filter :broadcast_messages before_action :broadcast_messages
def index def index
@broadcast_message = BroadcastMessage.new @broadcast_message = BroadcastMessage.new
......
class Admin::DeployKeysController < Admin::ApplicationController class Admin::DeployKeysController < Admin::ApplicationController
before_filter :deploy_keys, only: [:index] before_action :deploy_keys, only: [:index]
before_filter :deploy_key, only: [:show, :destroy] before_action :deploy_key, only: [:show, :destroy]
def index def index
end end
def show def show
end end
def new def new
......
class Admin::GroupsController < Admin::ApplicationController class Admin::GroupsController < Admin::ApplicationController
before_filter :group, only: [:edit, :show, :update, :destroy, :project_update, :members_update] before_action :group, only: [:edit, :show, :update, :destroy, :project_update, :members_update]
def index def index
@groups = Group.all @groups = Group.all
......
class Admin::KeysController < Admin::ApplicationController class Admin::KeysController < Admin::ApplicationController
before_filter :user, only: [:show, :destroy] before_action :user, only: [:show, :destroy]
def show def show
@key = user.keys.find(params[:id]) @key = user.keys.find(params[:id])
......
class Admin::ProjectsController < Admin::ApplicationController class Admin::ProjectsController < Admin::ApplicationController
before_filter :project, only: [:show, :transfer] before_action :project, only: [:show, :transfer]
before_filter :group, only: [:show, :transfer] before_action :group, only: [:show, :transfer]
before_filter :repository, only: [:show, :transfer] before_action :repository, only: [:show, :transfer]
def index def index
@projects = Project.all @projects = Project.all
......
class Admin::ServicesController < Admin::ApplicationController class Admin::ServicesController < Admin::ApplicationController
before_filter :service, only: [:edit, :update] before_action :service, only: [:edit, :update]
def index def index
@services = services_templates @services = services_templates
......
class Admin::UsersController < Admin::ApplicationController class Admin::UsersController < Admin::ApplicationController
before_filter :user, only: [:show, :edit, :update, :destroy] before_action :user, only: [:show, :edit, :update, :destroy]
def index def index
@users = User.order_name_asc.filter(params[:filter]) @users = User.order_name_asc.filter(params[:filter])
......
...@@ -6,15 +6,15 @@ class ApplicationController < ActionController::Base ...@@ -6,15 +6,15 @@ class ApplicationController < ActionController::Base
PER_PAGE = 20 PER_PAGE = 20
before_filter :authenticate_user_from_token! before_action :authenticate_user_from_token!
before_filter :authenticate_user! before_action :authenticate_user!
before_filter :reject_blocked! before_action :reject_blocked!
before_filter :check_password_expiration before_action :check_password_expiration
before_filter :ldap_security_check before_action :ldap_security_check
before_filter :default_headers before_action :default_headers
before_filter :add_gon_variables before_action :add_gon_variables
before_filter :configure_permitted_parameters, if: :devise_controller? before_action :configure_permitted_parameters, if: :devise_controller?
before_filter :require_email, unless: :devise_controller? before_action :require_email, unless: :devise_controller?
protect_from_forgery with: :exception protect_from_forgery with: :exception
......
class Dashboard::MilestonesController < ApplicationController class Dashboard::MilestonesController < ApplicationController
before_filter :load_projects before_action :load_projects
def index def index
project_milestones = case params[:state] project_milestones = case params[:state]
......
class Dashboard::ProjectsController < ApplicationController class Dashboard::ProjectsController < ApplicationController
before_filter :event_filter before_action :event_filter
def starred def starred
@projects = current_user.starred_projects @projects = current_user.starred_projects
......
class DashboardController < ApplicationController class DashboardController < ApplicationController
respond_to :html respond_to :html
before_filter :load_projects, except: [:projects] before_action :load_projects, except: [:projects]
before_filter :event_filter, only: :show before_action :event_filter, only: :show
def show def show
@projects = @projects.includes(:namespace) @projects = @projects.includes(:namespace)
......
class Explore::GroupsController < ApplicationController class Explore::GroupsController < ApplicationController
skip_before_filter :authenticate_user!, skip_before_action :authenticate_user!,
:reject_blocked, :set_current_user_for_observers :reject_blocked, :set_current_user_for_observers
layout "explore" layout "explore"
......
class Explore::ProjectsController < ApplicationController class Explore::ProjectsController < ApplicationController
skip_before_filter :authenticate_user!, skip_before_action :authenticate_user!,
:reject_blocked :reject_blocked
layout 'explore' layout 'explore'
......
class Groups::GroupMembersController < Groups::ApplicationController class Groups::GroupMembersController < Groups::ApplicationController
skip_before_filter :authenticate_user!, only: [:index] skip_before_action :authenticate_user!, only: [:index]
before_filter :group before_action :group
# Authorize # Authorize
before_filter :authorize_read_group! before_action :authorize_read_group!
before_filter :authorize_admin_group!, except: [:index, :leave] before_action :authorize_admin_group!, except: [:index, :leave]
layout :determine_layout layout :determine_layout
...@@ -49,7 +49,7 @@ class Groups::GroupMembersController < Groups::ApplicationController ...@@ -49,7 +49,7 @@ class Groups::GroupMembersController < Groups::ApplicationController
def resend_invite def resend_invite
redirect_path = group_group_members_path(@group) redirect_path = group_group_members_path(@group)
@group_member = @group.group_members.find(params[:id]) @group_member = @group.group_members.find(params[:id])
if @group_member.invite? if @group_member.invite?
...@@ -63,7 +63,7 @@ class Groups::GroupMembersController < Groups::ApplicationController ...@@ -63,7 +63,7 @@ class Groups::GroupMembersController < Groups::ApplicationController
def leave def leave
@group_member = @group.group_members.where(user_id: current_user.id).first @group_member = @group.group_members.where(user_id: current_user.id).first
if can?(current_user, :destroy_group_member, @group_member) if can?(current_user, :destroy_group_member, @group_member)
@group_member.destroy @group_member.destroy
redirect_to(dashboard_groups_path, notice: "You left #{group.name} group.") redirect_to(dashboard_groups_path, notice: "You left #{group.name} group.")
......
class Groups::MilestonesController < ApplicationController class Groups::MilestonesController < ApplicationController
layout 'group' layout 'group'
before_filter :authorize_group_milestone!, only: :update before_action :authorize_group_milestone!, only: :update
def index def index
project_milestones = case params[:state] project_milestones = case params[:state]
......
class GroupsController < Groups::ApplicationController class GroupsController < Groups::ApplicationController
skip_before_filter :authenticate_user!, only: [:show, :issues, :merge_requests] skip_before_action :authenticate_user!, only: [:show, :issues, :merge_requests]
respond_to :html respond_to :html
before_filter :group, except: [:new, :create] before_action :group, except: [:new, :create]
# Authorize # Authorize
before_filter :authorize_read_group!, except: [:new, :create] before_action :authorize_read_group!, except: [:new, :create]
before_filter :authorize_admin_group!, only: [:edit, :update, :destroy, :projects] before_action :authorize_admin_group!, only: [:edit, :update, :destroy, :projects]
before_filter :authorize_create_group!, only: [:new, :create] before_action :authorize_create_group!, only: [:new, :create]
# Load group projects # Load group projects
before_filter :load_projects, except: [:new, :create, :projects, :edit, :update] before_action :load_projects, except: [:new, :create, :projects, :edit, :update]
before_filter :event_filter, only: :show before_action :event_filter, only: :show
before_filter :set_title, only: [:new, :create] before_action :set_title, only: [:new, :create]
layout :determine_layout layout :determine_layout
......
class Import::BitbucketController < Import::BaseController class Import::BitbucketController < Import::BaseController
before_filter :verify_bitbucket_import_enabled before_action :verify_bitbucket_import_enabled
before_filter :bitbucket_auth, except: :callback before_action :bitbucket_auth, except: :callback
rescue_from OAuth::Error, with: :bitbucket_unauthorized rescue_from OAuth::Error, with: :bitbucket_unauthorized
def callback def callback
request_token = session.delete(:oauth_request_token) request_token = session.delete(:oauth_request_token)
raise "Session expired!" if request_token.nil? raise "Session expired!" if request_token.nil?
request_token.symbolize_keys! request_token.symbolize_keys!
access_token = client.get_token(request_token, params[:oauth_verifier], callback_import_bitbucket_url) access_token = client.get_token(request_token, params[:oauth_verifier], callback_import_bitbucket_url)
current_user.bitbucket_access_token = access_token.token current_user.bitbucket_access_token = access_token.token
...@@ -21,7 +21,7 @@ class Import::BitbucketController < Import::BaseController ...@@ -21,7 +21,7 @@ class Import::BitbucketController < Import::BaseController
def status def status
@repos = client.projects @repos = client.projects
@already_added_projects = current_user.created_projects.where(import_type: "bitbucket") @already_added_projects = current_user.created_projects.where(import_type: "bitbucket")
already_added_projects_names = @already_added_projects.pluck(:import_source) already_added_projects_names = @already_added_projects.pluck(:import_source)
...@@ -41,7 +41,7 @@ class Import::BitbucketController < Import::BaseController ...@@ -41,7 +41,7 @@ class Import::BitbucketController < Import::BaseController
repo_owner = repo["owner"] repo_owner = repo["owner"]
repo_owner = current_user.username if repo_owner == client.user["user"]["username"] repo_owner = current_user.username if repo_owner == client.user["user"]["username"]
@target_namespace = params[:new_namespace].presence || repo_owner @target_namespace = params[:new_namespace].presence || repo_owner
namespace = get_or_create_namespace || (render and return) namespace = get_or_create_namespace || (render and return)
unless Gitlab::BitbucketImport::KeyAdder.new(repo, current_user).execute unless Gitlab::BitbucketImport::KeyAdder.new(repo, current_user).execute
......
class Import::GithubController < Import::BaseController class Import::GithubController < Import::BaseController
before_filter :verify_github_import_enabled before_action :verify_github_import_enabled
before_filter :github_auth, except: :callback before_action :github_auth, except: :callback
rescue_from Octokit::Unauthorized, with: :github_unauthorized rescue_from Octokit::Unauthorized, with: :github_unauthorized
...@@ -36,7 +36,7 @@ class Import::GithubController < Import::BaseController ...@@ -36,7 +36,7 @@ class Import::GithubController < Import::BaseController
repo_owner = repo.owner.login repo_owner = repo.owner.login
repo_owner = current_user.username if repo_owner == client.user.login repo_owner = current_user.username if repo_owner == client.user.login
@target_namespace = params[:new_namespace].presence || repo_owner @target_namespace = params[:new_namespace].presence || repo_owner
namespace = get_or_create_namespace || (render and return) namespace = get_or_create_namespace || (render and return)
@project = Gitlab::GithubImport::ProjectCreator.new(repo, namespace, current_user).execute @project = Gitlab::GithubImport::ProjectCreator.new(repo, namespace, current_user).execute
......
class Import::GitlabController < Import::BaseController class Import::GitlabController < Import::BaseController
before_filter :verify_gitlab_import_enabled before_action :verify_gitlab_import_enabled
before_filter :gitlab_auth, except: :callback before_action :gitlab_auth, except: :callback
rescue_from OAuth2::Error, with: :gitlab_unauthorized rescue_from OAuth2::Error, with: :gitlab_unauthorized
...@@ -13,7 +13,7 @@ class Import::GitlabController < Import::BaseController ...@@ -13,7 +13,7 @@ class Import::GitlabController < Import::BaseController
def status def status
@repos = client.projects @repos = client.projects
@already_added_projects = current_user.created_projects.where(import_type: "gitlab") @already_added_projects = current_user.created_projects.where(import_type: "gitlab")
already_added_projects_names = @already_added_projects.pluck(:import_source) already_added_projects_names = @already_added_projects.pluck(:import_source)
...@@ -33,7 +33,7 @@ class Import::GitlabController < Import::BaseController ...@@ -33,7 +33,7 @@ class Import::GitlabController < Import::BaseController
repo_owner = repo["namespace"]["path"] repo_owner = repo["namespace"]["path"]
repo_owner = current_user.username if repo_owner == client.user["username"] repo_owner = current_user.username if repo_owner == client.user["username"]
@target_namespace = params[:new_namespace].presence || repo_owner @target_namespace = params[:new_namespace].presence || repo_owner
namespace = get_or_create_namespace || (render and return) namespace = get_or_create_namespace || (render and return)
@project = Gitlab::GitlabImport::ProjectCreator.new(repo, namespace, current_user).execute @project = Gitlab::GitlabImport::ProjectCreator.new(repo, namespace, current_user).execute
......
class Import::GoogleCodeController < Import::BaseController class Import::GoogleCodeController < Import::BaseController
before_filter :user_map, only: [:new_user_map, :create_user_map] before_action :user_map, only: [:new_user_map, :create_user_map]
def new def new
end end
def callback def callback
...@@ -68,7 +68,7 @@ class Import::GoogleCodeController < Import::BaseController ...@@ -68,7 +68,7 @@ class Import::GoogleCodeController < Import::BaseController
def status def status
unless client.valid? unless client.valid?
return redirect_to new_import_google_path return redirect_to new_import_google_path
end end
@repos = client.repos @repos = client.repos
......
class InvitesController < ApplicationController class InvitesController < ApplicationController
before_filter :member before_action :member
skip_before_filter :authenticate_user!, only: :decline skip_before_action :authenticate_user!, only: :decline
respond_to :html respond_to :html
...@@ -24,7 +24,7 @@ class InvitesController < ApplicationController ...@@ -24,7 +24,7 @@ class InvitesController < ApplicationController
if member.decline_invite! if member.decline_invite!
label, _ = source_info(member.source) label, _ = source_info(member.source)
path = path =
if current_user if current_user
dashboard_path dashboard_path
else else
...@@ -41,7 +41,7 @@ class InvitesController < ApplicationController ...@@ -41,7 +41,7 @@ class InvitesController < ApplicationController
def member def member
return @member if defined?(@member) return @member if defined?(@member)
@token = params[:id] @token = params[:id]
@member = Member.find_by_invite_token(@token) @member = Member.find_by_invite_token(@token)
......
class NamespacesController < ApplicationController class NamespacesController < ApplicationController
skip_before_filter :authenticate_user! skip_before_action :authenticate_user!
def show def show
namespace = Namespace.find_by(path: params[:id]) namespace = Namespace.find_by(path: params[:id])
......
class Oauth::ApplicationsController < Doorkeeper::ApplicationsController class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
before_filter :authenticate_user! before_action :authenticate_user!
layout "profile" layout "profile"
def index def index
...@@ -10,7 +10,7 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController ...@@ -10,7 +10,7 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
@application = Doorkeeper::Application.new(application_params) @application = Doorkeeper::Application.new(application_params)
@application.owner = current_user @application.owner = current_user
if @application.save if @application.save
flash[:notice] = I18n.t(:notice, scope: [:doorkeeper, :flash, :applications, :create]) flash[:notice] = I18n.t(:notice, scope: [:doorkeeper, :flash, :applications, :create])
redirect_to oauth_application_url(@application) redirect_to oauth_application_url(@application)
......
class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
before_filter :authenticate_resource_owner! before_action :authenticate_resource_owner!
layout "profile" layout "profile"
def new def new
......
class Profiles::KeysController < ApplicationController class Profiles::KeysController < ApplicationController
layout "profile" layout "profile"
skip_before_filter :authenticate_user!, only: [:get_keys] skip_before_action :authenticate_user!, only: [:get_keys]
def index def index
@keys = current_user.keys @keys = current_user.keys
......
class Profiles::PasswordsController < ApplicationController class Profiles::PasswordsController < ApplicationController
layout :determine_layout layout :determine_layout
skip_before_filter :check_password_expiration, only: [:new, :create] skip_before_action :check_password_expiration, only: [:new, :create]
before_filter :set_user before_action :set_user
before_filter :set_title before_action :set_title
before_filter :authorize_change_password! before_action :authorize_change_password!
def new def new
end end
......
class ProfilesController < ApplicationController class ProfilesController < ApplicationController
include ActionView::Helpers::SanitizeHelper include ActionView::Helpers::SanitizeHelper
before_filter :user before_action :user
before_filter :authorize_change_username!, only: :update_username before_action :authorize_change_username!, only: :update_username
skip_before_filter :require_email, only: [:show, :update] skip_before_action :require_email, only: [:show, :update]
layout 'profile' layout 'profile'
......
class Projects::ApplicationController < ApplicationController class Projects::ApplicationController < ApplicationController
before_filter :project before_action :project
before_filter :repository before_action :repository
layout :determine_layout layout :determine_layout
def authenticate_user! def authenticate_user!
......
class Projects::AvatarsController < Projects::ApplicationController class Projects::AvatarsController < Projects::ApplicationController
layout 'project' layout 'project'
before_filter :project before_action :project
def show def show
@blob = @project.repository.blob_at_branch('master', @project.avatar_in_git) @blob = @project.repository.blob_at_branch('master', @project.avatar_in_git)
......
...@@ -2,9 +2,9 @@ ...@@ -2,9 +2,9 @@
class Projects::BlameController < Projects::ApplicationController class Projects::BlameController < Projects::ApplicationController
include ExtractsPath include ExtractsPath
before_filter :require_non_empty_project before_action :require_non_empty_project
before_filter :assign_ref_vars before_action :assign_ref_vars
before_filter :authorize_download_code! before_action :authorize_download_code!
def show def show
@blame = Gitlab::Git::Blame.new(@repository, @commit.id, @path) @blame = Gitlab::Git::Blame.new(@repository, @commit.id, @path)
......
...@@ -6,15 +6,15 @@ class Projects::BlobController < Projects::ApplicationController ...@@ -6,15 +6,15 @@ class Projects::BlobController < Projects::ApplicationController
# Raised when given an invalid file path # Raised when given an invalid file path
class InvalidPathError < StandardError; end class InvalidPathError < StandardError; end
before_filter :require_non_empty_project, except: [:new, :create] before_action :require_non_empty_project, except: [:new, :create]
before_filter :authorize_download_code! before_action :authorize_download_code!
before_filter :authorize_push_code!, only: [:destroy] before_action :authorize_push_code!, only: [:destroy]
before_filter :assign_blob_vars before_action :assign_blob_vars
before_filter :commit, except: [:new, :create] before_action :commit, except: [:new, :create]
before_filter :blob, except: [:new, :create] before_action :blob, except: [:new, :create]
before_filter :from_merge_request, only: [:edit, :update] before_action :from_merge_request, only: [:edit, :update]
before_filter :after_edit_path, only: [:edit, :update] before_action :after_edit_path, only: [:edit, :update]
before_filter :require_branch_head, only: [:edit, :update] before_action :require_branch_head, only: [:edit, :update]
def new def new
commit unless @repository.empty? commit unless @repository.empty?
......
class Projects::BranchesController < Projects::ApplicationController class Projects::BranchesController < Projects::ApplicationController
include ActionView::Helpers::SanitizeHelper include ActionView::Helpers::SanitizeHelper
# Authorize # Authorize
before_filter :require_non_empty_project before_action :require_non_empty_project
before_filter :authorize_download_code! before_action :authorize_download_code!
before_filter :authorize_push_code!, only: [:create, :destroy] before_action :authorize_push_code!, only: [:create, :destroy]
def index def index
@sort = params[:sort] || 'name' @sort = params[:sort] || 'name'
......
...@@ -3,9 +3,9 @@ ...@@ -3,9 +3,9 @@
# Not to be confused with CommitsController, plural. # Not to be confused with CommitsController, plural.
class Projects::CommitController < Projects::ApplicationController class Projects::CommitController < Projects::ApplicationController
# Authorize # Authorize
before_filter :require_non_empty_project before_action :require_non_empty_project
before_filter :authorize_download_code! before_action :authorize_download_code!
before_filter :commit before_action :commit
def show def show
return git_not_found! unless @commit return git_not_found! unless @commit
......
...@@ -3,9 +3,9 @@ require "base64" ...@@ -3,9 +3,9 @@ require "base64"
class Projects::CommitsController < Projects::ApplicationController class Projects::CommitsController < Projects::ApplicationController
include ExtractsPath include ExtractsPath
before_filter :require_non_empty_project before_action :require_non_empty_project
before_filter :assign_ref_vars before_action :assign_ref_vars
before_filter :authorize_download_code! before_action :authorize_download_code!
def show def show
@repo = @project.repository @repo = @project.repository
......
class Projects::CompareController < Projects::ApplicationController class Projects::CompareController < Projects::ApplicationController
# Authorize # Authorize
before_filter :require_non_empty_project before_action :require_non_empty_project
before_filter :authorize_download_code! before_action :authorize_download_code!
def index def index
end end
......
...@@ -2,7 +2,7 @@ class Projects::DeployKeysController < Projects::ApplicationController ...@@ -2,7 +2,7 @@ class Projects::DeployKeysController < Projects::ApplicationController
respond_to :html respond_to :html
# Authorize # Authorize
before_filter :authorize_admin_project! before_action :authorize_admin_project!
layout "project_settings" layout "project_settings"
......
class Projects::ForksController < Projects::ApplicationController class Projects::ForksController < Projects::ApplicationController
# Authorize # Authorize
before_filter :require_non_empty_project before_action :require_non_empty_project
before_filter :authorize_download_code! before_action :authorize_download_code!
def new def new
@namespaces = current_user.manageable_namespaces @namespaces = current_user.manageable_namespaces
......
class Projects::GraphsController < Projects::ApplicationController class Projects::GraphsController < Projects::ApplicationController
# Authorize # Authorize
before_filter :require_non_empty_project before_action :require_non_empty_project
before_filter :authorize_download_code! before_action :authorize_download_code!
def show def show
respond_to do |format| respond_to do |format|
......
class Projects::HooksController < Projects::ApplicationController class Projects::HooksController < Projects::ApplicationController
# Authorize # Authorize
before_filter :authorize_admin_project! before_action :authorize_admin_project!
respond_to :html respond_to :html
......
class Projects::ImportsController < Projects::ApplicationController class Projects::ImportsController < Projects::ApplicationController
# Authorize # Authorize
before_filter :authorize_admin_project! before_action :authorize_admin_project!
before_filter :require_no_repo before_action :require_no_repo
before_filter :redirect_if_progress, except: :show before_action :redirect_if_progress, except: :show
def new def new
end end
......
class Projects::IssuesController < Projects::ApplicationController class Projects::IssuesController < Projects::ApplicationController
before_filter :module_enabled before_action :module_enabled
before_filter :issue, only: [:edit, :update, :show, :toggle_subscription] before_action :issue, only: [:edit, :update, :show, :toggle_subscription]
# Allow read any issue # Allow read any issue
before_filter :authorize_read_issue! before_action :authorize_read_issue!
# Allow write(create) issue # Allow write(create) issue
before_filter :authorize_write_issue!, only: [:new, :create] before_action :authorize_write_issue!, only: [:new, :create]
# Allow modify issue # Allow modify issue
before_filter :authorize_modify_issue!, only: [:edit, :update] before_action :authorize_modify_issue!, only: [:edit, :update]
# Allow issues bulk update # Allow issues bulk update
before_filter :authorize_admin_issues!, only: [:bulk_update] before_action :authorize_admin_issues!, only: [:bulk_update]
respond_to :html respond_to :html
...@@ -99,7 +99,7 @@ class Projects::IssuesController < Projects::ApplicationController ...@@ -99,7 +99,7 @@ class Projects::IssuesController < Projects::ApplicationController
def toggle_subscription def toggle_subscription
@issue.toggle_subscription(current_user) @issue.toggle_subscription(current_user)
render nothing: true render nothing: true
end end
......
class Projects::LabelsController < Projects::ApplicationController class Projects::LabelsController < Projects::ApplicationController
before_filter :module_enabled before_action :module_enabled
before_filter :label, only: [:edit, :update, :destroy] before_action :label, only: [:edit, :update, :destroy]
before_filter :authorize_labels! before_action :authorize_labels!
before_filter :authorize_admin_labels!, except: [:index] before_action :authorize_admin_labels!, except: [:index]
respond_to :js, :html respond_to :js, :html
......
require 'gitlab/satellite/satellite' require 'gitlab/satellite/satellite'
class Projects::MergeRequestsController < Projects::ApplicationController class Projects::MergeRequestsController < Projects::ApplicationController
before_filter :module_enabled before_action :module_enabled
before_filter :merge_request, only: [:edit, :update, :show, :diffs, :automerge, :automerge_check, :ci_status, :toggle_subscription] before_action :merge_request, only: [:edit, :update, :show, :diffs, :automerge, :automerge_check, :ci_status, :toggle_subscription]
before_filter :closes_issues, only: [:edit, :update, :show, :diffs] before_action :closes_issues, only: [:edit, :update, :show, :diffs]
before_filter :validates_merge_request, only: [:show, :diffs] before_action :validates_merge_request, only: [:show, :diffs]
before_filter :define_show_vars, only: [:show, :diffs] before_action :define_show_vars, only: [:show, :diffs]
# Allow read any merge_request # Allow read any merge_request
before_filter :authorize_read_merge_request! before_action :authorize_read_merge_request!
# Allow write(create) merge_request # Allow write(create) merge_request
before_filter :authorize_write_merge_request!, only: [:new, :create] before_action :authorize_write_merge_request!, only: [:new, :create]
# Allow modify merge_request # Allow modify merge_request
before_filter :authorize_modify_merge_request!, only: [:close, :edit, :update, :sort] before_action :authorize_modify_merge_request!, only: [:close, :edit, :update, :sort]
def index def index
terms = params['issue_search'] terms = params['issue_search']
...@@ -176,7 +176,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController ...@@ -176,7 +176,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
def toggle_subscription def toggle_subscription
@merge_request.toggle_subscription(current_user) @merge_request.toggle_subscription(current_user)
render nothing: true render nothing: true
end end
......
class Projects::MilestonesController < Projects::ApplicationController class Projects::MilestonesController < Projects::ApplicationController
before_filter :module_enabled before_action :module_enabled
before_filter :milestone, only: [:edit, :update, :destroy, :show, :sort_issues, :sort_merge_requests] before_action :milestone, only: [:edit, :update, :destroy, :show, :sort_issues, :sort_merge_requests]
# Allow read any milestone # Allow read any milestone
before_filter :authorize_read_milestone! before_action :authorize_read_milestone!
# Allow admin milestone # Allow admin milestone
before_filter :authorize_admin_milestone!, except: [:index, :show] before_action :authorize_admin_milestone!, except: [:index, :show]
respond_to :html respond_to :html
......
...@@ -2,9 +2,9 @@ class Projects::NetworkController < Projects::ApplicationController ...@@ -2,9 +2,9 @@ class Projects::NetworkController < Projects::ApplicationController
include ExtractsPath include ExtractsPath
include ApplicationHelper include ApplicationHelper
before_filter :require_non_empty_project before_action :require_non_empty_project
before_filter :assign_ref_vars before_action :assign_ref_vars
before_filter :authorize_download_code! before_action :authorize_download_code!
def show def show
respond_to do |format| respond_to do |format|
......
class Projects::NotesController < Projects::ApplicationController class Projects::NotesController < Projects::ApplicationController
# Authorize # Authorize
before_filter :authorize_read_note! before_action :authorize_read_note!
before_filter :authorize_write_note!, only: [:create] before_action :authorize_write_note!, only: [:create]
before_filter :authorize_admin_note!, only: [:update, :destroy] before_action :authorize_admin_note!, only: [:update, :destroy]
before_filter :find_current_user_notes, except: [:destroy, :delete_attachment] before_action :find_current_user_notes, except: [:destroy, :delete_attachment]
def index def index
current_fetched_at = Time.now.to_i current_fetched_at = Time.now.to_i
......
class Projects::ProjectMembersController < Projects::ApplicationController class Projects::ProjectMembersController < Projects::ApplicationController
# Authorize # Authorize
before_filter :authorize_admin_project!, except: :leave before_action :authorize_admin_project!, except: :leave
layout "project_settings" layout "project_settings"
...@@ -24,7 +24,7 @@ class Projects::ProjectMembersController < Projects::ApplicationController ...@@ -24,7 +24,7 @@ class Projects::ProjectMembersController < Projects::ApplicationController
users = @group.users.search(params[:search]).to_a users = @group.users.search(params[:search]).to_a
@group_members = @group_members.where(user_id: users) @group_members = @group_members.where(user_id: users)
end end
@group_members = @group_members.order('access_level DESC').limit(20) @group_members = @group_members.order('access_level DESC').limit(20)
end end
...@@ -62,7 +62,7 @@ class Projects::ProjectMembersController < Projects::ApplicationController ...@@ -62,7 +62,7 @@ class Projects::ProjectMembersController < Projects::ApplicationController
redirect_path = namespace_project_project_members_path(@project.namespace, @project) redirect_path = namespace_project_project_members_path(@project.namespace, @project)
@project_member = @project.project_members.find(params[:id]) @project_member = @project.project_members.find(params[:id])
if @project_member.invite? if @project_member.invite?
@project_member.resend_invite @project_member.resend_invite
......
class Projects::ProtectedBranchesController < Projects::ApplicationController class Projects::ProtectedBranchesController < Projects::ApplicationController
# Authorize # Authorize
before_filter :require_non_empty_project before_action :require_non_empty_project
before_filter :authorize_admin_project! before_action :authorize_admin_project!
layout "project_settings" layout "project_settings"
......
...@@ -2,9 +2,9 @@ ...@@ -2,9 +2,9 @@
class Projects::RawController < Projects::ApplicationController class Projects::RawController < Projects::ApplicationController
include ExtractsPath include ExtractsPath
before_filter :require_non_empty_project before_action :require_non_empty_project
before_filter :assign_ref_vars before_action :assign_ref_vars
before_filter :authorize_download_code! before_action :authorize_download_code!
def show def show
@blob = @repository.blob_at(@commit.id, @path) @blob = @repository.blob_at(@commit.id, @path)
......
class Projects::RefsController < Projects::ApplicationController class Projects::RefsController < Projects::ApplicationController
include ExtractsPath include ExtractsPath
before_filter :require_non_empty_project before_action :require_non_empty_project
before_filter :assign_ref_vars before_action :assign_ref_vars
before_filter :authorize_download_code! before_action :authorize_download_code!
def switch def switch
respond_to do |format| respond_to do |format|
......
class Projects::RepositoriesController < Projects::ApplicationController class Projects::RepositoriesController < Projects::ApplicationController
# Authorize # Authorize
before_filter :require_non_empty_project, except: :create before_action :require_non_empty_project, except: :create
before_filter :authorize_download_code! before_action :authorize_download_code!
before_filter :authorize_admin_project!, only: :create before_action :authorize_admin_project!, only: :create
def create def create
@project.create_repository @project.create_repository
......
class Projects::ServicesController < Projects::ApplicationController class Projects::ServicesController < Projects::ApplicationController
# Authorize # Authorize
before_filter :authorize_admin_project! before_action :authorize_admin_project!
before_filter :service, only: [:edit, :update, :test] before_action :service, only: [:edit, :update, :test]
respond_to :html respond_to :html
......
class Projects::SnippetsController < Projects::ApplicationController class Projects::SnippetsController < Projects::ApplicationController
before_filter :module_enabled before_action :module_enabled
before_filter :snippet, only: [:show, :edit, :destroy, :update, :raw] before_action :snippet, only: [:show, :edit, :destroy, :update, :raw]
# Allow read any snippet # Allow read any snippet
before_filter :authorize_read_project_snippet! before_action :authorize_read_project_snippet!
# Allow write(create) snippet # Allow write(create) snippet
before_filter :authorize_write_project_snippet!, only: [:new, :create] before_action :authorize_write_project_snippet!, only: [:new, :create]
# Allow modify snippet # Allow modify snippet
before_filter :authorize_modify_project_snippet!, only: [:edit, :update] before_action :authorize_modify_project_snippet!, only: [:edit, :update]
# Allow destroy snippet # Allow destroy snippet
before_filter :authorize_admin_project_snippet!, only: [:destroy] before_action :authorize_admin_project_snippet!, only: [:destroy]
respond_to :html respond_to :html
......
class Projects::TagsController < Projects::ApplicationController class Projects::TagsController < Projects::ApplicationController
# Authorize # Authorize
before_filter :require_non_empty_project before_action :require_non_empty_project
before_filter :authorize_download_code! before_action :authorize_download_code!
before_filter :authorize_push_code!, only: [:create] before_action :authorize_push_code!, only: [:create]
before_filter :authorize_admin_project!, only: [:destroy] before_action :authorize_admin_project!, only: [:destroy]
def index def index
sorted = VersionSorter.rsort(@repository.tag_names) sorted = VersionSorter.rsort(@repository.tag_names)
......
...@@ -2,9 +2,9 @@ ...@@ -2,9 +2,9 @@
class Projects::TreeController < Projects::ApplicationController class Projects::TreeController < Projects::ApplicationController
include ExtractsPath include ExtractsPath
before_filter :require_non_empty_project, except: [:new, :create] before_action :require_non_empty_project, except: [:new, :create]
before_filter :assign_ref_vars before_action :assign_ref_vars
before_filter :authorize_download_code! before_action :authorize_download_code!
def show def show
if tree.entries.empty? if tree.entries.empty?
......
class Projects::UploadsController < Projects::ApplicationController class Projects::UploadsController < Projects::ApplicationController
layout 'project' layout 'project'
# We want to skip these filters for only the `show` action if `image?` is true, # We want to skip these filters for only the `show` action if `image?` is true,
# but `skip_before_filter` doesn't work with both `only` and `if`, so we accomplish the same like this. # but `skip_before_filter` doesn't work with both `only` and `if`, so we accomplish the same like this.
skipped_filters = [:authenticate_user!, :reject_blocked!, :project, :repository] skipped_filters = [:authenticate_user!, :reject_blocked!, :project, :repository]
skip_before_filter *skipped_filters, only: [:show] skip_before_action *skipped_filters, only: [:show]
before_filter *skipped_filters, only: [:show], unless: :image? before_action *skipped_filters, only: [:show], unless: :image?
def create def create
link_to_file = ::Projects::UploadService.new(project, params[:file]). link_to_file = ::Projects::UploadService.new(project, params[:file]).
...@@ -40,7 +40,7 @@ class Projects::UploadsController < Projects::ApplicationController ...@@ -40,7 +40,7 @@ class Projects::UploadsController < Projects::ApplicationController
file_project = Project.find_with_namespace("#{namespace}/#{id}") file_project = Project.find_with_namespace("#{namespace}/#{id}")
if file_project.nil? if file_project.nil?
@uploader = nil @uploader = nil
return return
end end
......
require 'project_wiki' require 'project_wiki'
class Projects::WikisController < Projects::ApplicationController class Projects::WikisController < Projects::ApplicationController
before_filter :authorize_read_wiki! before_action :authorize_read_wiki!
before_filter :authorize_write_wiki!, only: [:edit, :create, :history] before_action :authorize_write_wiki!, only: [:edit, :create, :history]
before_filter :authorize_admin_wiki!, only: :destroy before_action :authorize_admin_wiki!, only: :destroy
before_filter :load_project_wiki before_action :load_project_wiki
include WikiHelper include WikiHelper
def pages def pages
......
class ProjectsController < ApplicationController class ProjectsController < ApplicationController
prepend_before_filter :render_go_import, only: [:show] prepend_before_filter :render_go_import, only: [:show]
skip_before_filter :authenticate_user!, only: [:show] skip_before_action :authenticate_user!, only: [:show]
before_filter :project, except: [:new, :create] before_action :project, except: [:new, :create]
before_filter :repository, except: [:new, :create] before_action :repository, except: [:new, :create]
# Authorize # Authorize
before_filter :authorize_admin_project!, only: [:edit, :update, :destroy, :transfer, :archive, :unarchive] before_action :authorize_admin_project!, only: [:edit, :update, :destroy, :transfer, :archive, :unarchive]
before_filter :set_title, only: [:new, :create] before_action :set_title, only: [:new, :create]
before_filter :event_filter, only: :show before_action :event_filter, only: :show
layout 'navless', only: [:new, :create, :fork] layout 'navless', only: [:new, :create, :fork]
......
class RegistrationsController < Devise::RegistrationsController class RegistrationsController < Devise::RegistrationsController
before_filter :signup_enabled? before_action :signup_enabled?
def new def new
redirect_to(new_user_session_path) redirect_to(new_user_session_path)
......
class SnippetsController < ApplicationController class SnippetsController < ApplicationController
before_filter :snippet, only: [:show, :edit, :destroy, :update, :raw] before_action :snippet, only: [:show, :edit, :destroy, :update, :raw]
# Allow modify snippet # Allow modify snippet
before_filter :authorize_modify_snippet!, only: [:edit, :update] before_action :authorize_modify_snippet!, only: [:edit, :update]
# Allow destroy snippet # Allow destroy snippet
before_filter :authorize_admin_snippet!, only: [:destroy] before_action :authorize_admin_snippet!, only: [:destroy]
before_filter :set_title before_action :set_title
skip_before_filter :authenticate_user!, only: [:index, :user_index, :show, :raw] skip_before_action :authenticate_user!, only: [:index, :user_index, :show, :raw]
respond_to :html respond_to :html
......
class UploadsController < ApplicationController class UploadsController < ApplicationController
skip_before_filter :authenticate_user! skip_before_action :authenticate_user!
before_filter :find_model, :authorize_access! before_action :find_model, :authorize_access!
def show def show
uploader = @model.send(upload_mount) uploader = @model.send(upload_mount)
...@@ -28,7 +28,7 @@ class UploadsController < ApplicationController ...@@ -28,7 +28,7 @@ class UploadsController < ApplicationController
end end
def authorize_access! def authorize_access!
authorized = authorized =
case @model case @model
when Project when Project
can?(current_user, :read_project, @model) can?(current_user, :read_project, @model)
......
class UsersController < ApplicationController class UsersController < ApplicationController
skip_before_filter :authenticate_user! skip_before_action :authenticate_user!
before_filter :set_user before_action :set_user
layout :determine_layout layout :determine_layout
def show def show
......
...@@ -470,7 +470,6 @@ ActiveRecord::Schema.define(version: 20150417122318) do ...@@ -470,7 +470,6 @@ ActiveRecord::Schema.define(version: 20150417122318) do
t.integer "notification_level", default: 1, null: false t.integer "notification_level", default: 1, null: false
t.datetime "password_expires_at" t.datetime "password_expires_at"
t.integer "created_by_id" t.integer "created_by_id"
t.datetime "last_credential_check_at"
t.string "avatar" t.string "avatar"
t.string "confirmation_token" t.string "confirmation_token"
t.datetime "confirmed_at" t.datetime "confirmed_at"
...@@ -478,6 +477,7 @@ ActiveRecord::Schema.define(version: 20150417122318) do ...@@ -478,6 +477,7 @@ ActiveRecord::Schema.define(version: 20150417122318) do
t.string "unconfirmed_email" t.string "unconfirmed_email"
t.boolean "hide_no_ssh_key", default: false t.boolean "hide_no_ssh_key", default: false
t.string "website_url", default: "", null: false t.string "website_url", default: "", null: false
t.datetime "last_credential_check_at"
t.string "github_access_token" t.string "github_access_token"
t.string "gitlab_access_token" t.string "gitlab_access_token"
t.string "notification_email" t.string "notification_email"
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment