Commit 4c517ce6 authored by Robert Speicher's avatar Robert Speicher

Merge branch 'issue_14374' into 'master'

Check push permissions only when pushing directly to target branch.

Fixes #14374 

See merge request !3280
parents abaf7ed2 cfb10c10
...@@ -9,7 +9,8 @@ module Commits ...@@ -9,7 +9,8 @@ module Commits
@commit = params[:commit] @commit = params[:commit]
@create_merge_request = params[:create_merge_request].present? @create_merge_request = params[:create_merge_request].present?
validate and commit check_push_permissions unless @create_merge_request
commit
rescue Repository::CommitError, Gitlab::Git::Repository::InvalidBlobName, GitHooksService::PreReceiveError, rescue Repository::CommitError, Gitlab::Git::Repository::InvalidBlobName, GitHooksService::PreReceiveError,
ValidationError, ReversionError => ex ValidationError, ReversionError => ex
error(ex.message) error(ex.message)
...@@ -45,11 +46,11 @@ module Commits ...@@ -45,11 +46,11 @@ module Commits
end end
end end
def validate def check_push_permissions
allowed = ::Gitlab::GitAccess.new(current_user, project).can_push_to_branch?(@target_branch) allowed = ::Gitlab::GitAccess.new(current_user, project).can_push_to_branch?(@target_branch)
unless allowed unless allowed
raise_error('You are not allowed to push into this branch') raise ValidationError.new('You are not allowed to push into this branch')
end end
true true
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment