summaryrefslogtreecommitdiff
path: root/app/controllers/groups/application_controller.rb
diff options
context:
space:
mode:
authorMichael Kozono <mkozono@gmail.com>2017-05-04 14:20:13 -0700
committerMichael Kozono <mkozono@gmail.com>2017-05-05 12:12:50 -0700
commit9e48f02ea802814e4df1f1de5ed509942dca7581 (patch)
treee1bcb152e7951e1bbd94d6a8333fd475dcfaf577 /app/controllers/groups/application_controller.rb
parente4bcc90d95fa3b78544cb9ddd6019a5f914c1628 (diff)
downloadgitlab-ce-9e48f02ea802814e4df1f1de5ed509942dca7581.tar.gz
Dry up routable lookups. Fixes #30317
Note: This changes the behavior of user lookups (see the spec change) so it acts the same way as groups and projects. Unauthenticated clients attempting to access a user page will be redirected to login whether the user exists and is publicly restricted, or does not exist at all.
Diffstat (limited to 'app/controllers/groups/application_controller.rb')
-rw-r--r--app/controllers/groups/application_controller.rb17
1 files changed, 4 insertions, 13 deletions
diff --git a/app/controllers/groups/application_controller.rb b/app/controllers/groups/application_controller.rb
index 209d8b1a08a..2157a56dea2 100644
--- a/app/controllers/groups/application_controller.rb
+++ b/app/controllers/groups/application_controller.rb
@@ -9,20 +9,11 @@ class Groups::ApplicationController < ApplicationController
private
def group
- unless @group
- given_path = params[:group_id] || params[:id]
- @group = Group.find_by_full_path(given_path, follow_redirects: request.get?)
-
- if @group && can?(current_user, :read_group, @group)
- ensure_canonical_path(@group, given_path)
- else
- @group = nil
-
- route_not_found
- end
- end
+ @group ||= find_routable!(Group, requested_full_path)
+ end
- @group
+ def requested_full_path
+ params[:group_id] || params[:id]
end
def group_projects
View Lorry Controller Status