Commit a61cb7d7 authored by Heinrich Lee Yu's avatar Heinrich Lee Yu

EE port of gitlabhq!2787

Fix conflicting before_action in EE

Alias to a different method to prevent before_action declarations
overwriting a previous one
parent c9868d15
...@@ -19,7 +19,7 @@ class Projects::IssuesController < Projects::ApplicationController ...@@ -19,7 +19,7 @@ class Projects::IssuesController < Projects::ApplicationController
prepend_before_action(only: [:index]) { authenticate_sessionless_user!(:rss) } prepend_before_action(only: [:index]) { authenticate_sessionless_user!(:rss) }
prepend_before_action(only: [:calendar]) { authenticate_sessionless_user!(:ics) } prepend_before_action(only: [:calendar]) { authenticate_sessionless_user!(:ics) }
prepend_before_action :authenticate_new_issue!, only: [:new] prepend_before_action :authenticate_user!, only: [:new]
prepend_before_action :store_uri, only: [:new, :show] prepend_before_action :store_uri, only: [:new, :show]
before_action :whitelist_query_limiting, only: [:create, :create_merge_request, :move, :bulk_update] before_action :whitelist_query_limiting, only: [:create, :create_merge_request, :move, :bulk_update]
...@@ -245,14 +245,6 @@ class Projects::IssuesController < Projects::ApplicationController ...@@ -245,14 +245,6 @@ class Projects::IssuesController < Projects::ApplicationController
] + [{ label_ids: [], assignee_ids: [] }] ] + [{ label_ids: [], assignee_ids: [] }]
end end
def authenticate_new_issue!
return if current_user
notice = "Please sign in to create the new issue."
redirect_to new_user_session_path, notice: notice
end
def store_uri def store_uri
if request.get? && !request.xhr? if request.get? && !request.xhr?
store_location_for :user, request.fullpath store_location_for :user, request.fullpath
......
---
title: Use common error for unauthenticated users when creating issues
merge_request:
author:
type: security
...@@ -7,7 +7,12 @@ module EE ...@@ -7,7 +7,12 @@ module EE
extend ::Gitlab::Utils::Override extend ::Gitlab::Utils::Override
prepended do prepended do
before_action :authenticate_user!, only: [:export_csv] # Specifying before_action :authenticate_user! multiple times
# doesn't work, since the last filter will override the previous
# ones.
alias_method :export_csv_authenticate_user!, :authenticate_user!
before_action :export_csv_authenticate_user!, only: [:export_csv]
before_action :check_export_issues_available!, only: [:export_csv] before_action :check_export_issues_available!, only: [:export_csv]
before_action :check_service_desk_available!, only: [:service_desk] before_action :check_service_desk_available!, only: [:service_desk]
before_action :whitelist_query_limiting_ee, only: [:update] before_action :whitelist_query_limiting_ee, only: [:update]
......
...@@ -131,7 +131,7 @@ describe Projects::IssuesController do ...@@ -131,7 +131,7 @@ describe Projects::IssuesController do
it 'redirects to signin if not logged in' do it 'redirects to signin if not logged in' do
get :new, params: { namespace_id: project.namespace, project_id: project } get :new, params: { namespace_id: project.namespace, project_id: project }
expect(flash[:notice]).to eq 'Please sign in to create the new issue.' expect(flash[:alert]).to eq 'You need to sign in or sign up before continuing.'
expect(response).to redirect_to(new_user_session_path) expect(response).to redirect_to(new_user_session_path)
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment