Raise a new Gitlab::Access::AccessDeniedError when permission is not enough to destroy a member

This is a try for a new approach to put the access checks at the service level. Signed-off-by: Rémy Coutable <remy@rymai.me>
author: Rémy Coutable <remy@rymai.me> 2016-06-17 18:59:33 +0200
committer: Rémy Coutable <remy@rymai.me> 2016-06-18 06:06:34 +0200
commit: 654565c9dc734a597c525a75c8f72dd63235604b (patch)
tree: 0dbd5935c0019201dc93ee183e69e95d5f3513ce /app/controllers/application_controller.rb
parent: a08a26ac814d7fd9f7523e22847fab0cc25ceb78 (diff)
download: gitlab-ce-654565c9dc734a597c525a75c8f72dd63235604b.tar.gz
1 files changed, 4 insertions, 0 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index dd1bc6f5d52..9cc31620d9f 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -36,6 +36,10 @@ class ApplicationController < ActionController::Base
     render_404
   end
 
+  rescue_from Gitlab::Access::AccessDeniedError do |exception|
+    render_403
+  end
+
   def redirect_back_or_default(default: root_path, options: {})
     redirect_to request.referer.present? ? :back : default, options
   end
author	Rémy Coutable <remy@rymai.me>	2016-06-17 18:59:33 +0200
committer	Rémy Coutable <remy@rymai.me>	2016-06-18 06:06:34 +0200
commit	654565c9dc734a597c525a75c8f72dd63235604b (patch)
tree	0dbd5935c0019201dc93ee183e69e95d5f3513ce /app/controllers/application_controller.rb
parent	a08a26ac814d7fd9f7523e22847fab0cc25ceb78 (diff)
download	gitlab-ce-654565c9dc734a597c525a75c8f72dd63235604b.tar.gz