diff options
author | Bob Van Landuyt <bob@vanlanduyt.co> | 2017-12-11 15:21:06 +0100 |
---|---|---|
committer | Bob Van Landuyt <bob@vanlanduyt.co> | 2018-02-22 17:11:36 +0100 |
commit | 148816cd67a314f17e79c107270cc708501bdd39 (patch) | |
tree | eba07d109322392bb5862b715adc066a0ebbdf95 /app/controllers/concerns/controller_with_cross_project_access_check.rb | |
parent | b5306075c21f5546d1447052558da6227629c15e (diff) | |
download | gitlab-ce-148816cd67a314f17e79c107270cc708501bdd39.tar.gz |
Port `read_cross_project` ability from EE
Diffstat (limited to 'app/controllers/concerns/controller_with_cross_project_access_check.rb')
-rw-r--r-- | app/controllers/concerns/controller_with_cross_project_access_check.rb | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/app/controllers/concerns/controller_with_cross_project_access_check.rb b/app/controllers/concerns/controller_with_cross_project_access_check.rb new file mode 100644 index 00000000000..a45c3384578 --- /dev/null +++ b/app/controllers/concerns/controller_with_cross_project_access_check.rb @@ -0,0 +1,24 @@ +module ControllerWithCrossProjectAccessCheck + extend ActiveSupport::Concern + + included do + extend Gitlab::CrossProjectAccess::ClassMethods + before_action :cross_project_check + end + + def cross_project_check + if Gitlab::CrossProjectAccess.find_check(self)&.should_run?(self) + authorize_cross_project_page! + end + end + + def authorize_cross_project_page! + return if can?(current_user, :read_cross_project) + + rejection_message = _( + "This page is unavailable because you are not allowed to read information "\ + "across multiple projects." + ) + access_denied!(rejection_message) + end +end |