Port `read_cross_project` ability from EE

author: Bob Van Landuyt <bob@vanlanduyt.co> 2017-12-11 15:21:06 +0100
committer: Bob Van Landuyt <bob@vanlanduyt.co> 2018-02-22 17:11:36 +0100
commit: 148816cd67a314f17e79c107270cc708501bdd39 (patch)
tree: eba07d109322392bb5862b715adc066a0ebbdf95 /app/controllers/concerns/controller_with_cross_project_access_check.rb
parent: b5306075c21f5546d1447052558da6227629c15e (diff)
download: gitlab-ce-148816cd67a314f17e79c107270cc708501bdd39.tar.gz
1 files changed, 24 insertions, 0 deletions
diff --git a/app/controllers/concerns/controller_with_cross_project_access_check.rb b/app/controllers/concerns/controller_with_cross_project_access_check.rb
new file mode 100644
index 00000000000..a45c3384578
--- /dev/null
+++ b/app/controllers/concerns/controller_with_cross_project_access_check.rb
@@ -0,0 +1,24 @@
+module ControllerWithCrossProjectAccessCheck
+  extend ActiveSupport::Concern
+
+  included do
+    extend Gitlab::CrossProjectAccess::ClassMethods
+    before_action :cross_project_check
+  end
+
+  def cross_project_check
+    if Gitlab::CrossProjectAccess.find_check(self)&.should_run?(self)
+      authorize_cross_project_page!
+    end
+  end
+
+  def authorize_cross_project_page!
+    return if can?(current_user, :read_cross_project)
+
+    rejection_message = _(
+      "This page is unavailable because you are not allowed to read information "\
+      "across multiple projects."
+    )
+    access_denied!(rejection_message)
+  end
+end
author	Bob Van Landuyt <bob@vanlanduyt.co>	2017-12-11 15:21:06 +0100
committer	Bob Van Landuyt <bob@vanlanduyt.co>	2018-02-22 17:11:36 +0100
commit	148816cd67a314f17e79c107270cc708501bdd39 (patch)
tree	eba07d109322392bb5862b715adc066a0ebbdf95 /app/controllers/concerns/controller_with_cross_project_access_check.rb
parent	b5306075c21f5546d1447052558da6227629c15e (diff)
download	gitlab-ce-148816cd67a314f17e79c107270cc708501bdd39.tar.gz