Merge branch 'extract-ee-specific-lines-for-issues-and-mr-controllers' into 'master'

Extract ee specific lines for issues and mr controllers See merge request gitlab-org/gitlab-ce!22569

Merge branch 'extract-ee-specific-lines-for-issues-and-mr-controllers' into 'master'
Extract ee specific lines for issues and mr controllers See merge request gitlab-org/gitlab-ce!22569
43463869 · Nick Thomas · 81524689 · ac4d838a · 43463869 · 43463869
Commit 43463869 authored Oct 29, 2018 by Nick Thomas
3 changed files
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -9,12 +9,25 @@ class Projects::IssuesController < Projects::ApplicationController
  include IssuesCalendar
  include SpammableActions

-  prepend_before_action :authenticate_user!, only: [:new]
+  def self.authenticate_user_only_actions
+    %i[new]
+  end
+
+  def self.issue_except_actions
+    %i[index calendar new create bulk_update]
+  end
+
+  def self.set_issuables_index_only_actions
+    %i[index calendar]
+  end
+
+  prepend_before_action :authenticate_user!, only: authenticate_user_only_actions

  before_action :whitelist_query_limiting, only: [:create, :create_merge_request, :move, :bulk_update]
  before_action :check_issues_available!
-  before_action :issue, except: [:index, :calendar, :new, :create, :bulk_update]
-  before_action :set_issuables_index, only: [:index, :calendar]
+  before_action :issue, except: issue_except_actions
+
+  before_action :set_issuables_index, only: set_issuables_index_only_actions

  # Allow write(create) issue
  before_action :authorize_create_issue!, only: [:new, :create]

--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -168,7 +168,9 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
  end

  def merge
-    return access_denied! unless @merge_request.can_be_merged_by?(current_user)
+    access_check_result = merge_access_check
+
+    return access_check_result if access_check_result

    status = merge!

@@ -262,6 +264,12 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
      return :failed
    end

+    merge_service = ::MergeRequests::MergeService.new(@project, current_user, merge_params)
+
+    unless merge_service.hooks_validation_pass?(@merge_request)
+      return :hook_validation_error
+    end
+
    return :sha_mismatch if params[:sha] != @merge_request.diff_head_sha

    @merge_request.update(merge_error: nil, squash: merge_params.fetch(:squash, false))
@@ -324,6 +332,10 @@ class Projects::MergeRequestsController < Projects::MergeRequests::ApplicationCo
    access_denied! unless access_check
  end

+  def merge_access_check
+    access_denied! unless @merge_request.can_be_merged_by?(current_user)
+  end
+
  def whitelist_query_limiting
    # Also see https://gitlab.com/gitlab-org/gitlab-ce/issues/42441
    Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42438')

--- a/app/services/merge_requests/merge_service.rb
+++ b/app/services/merge_requests/merge_service.rb
@@ -49,6 +49,11 @@ module MergeRequests
      end
    end

+    # Overridden in EE.
+    def hooks_validation_pass?(_merge_request)
+      true
+    end
+
    private

    def error_check!