Backport changes to app/controllers/groups/group_members_controller.rb

author: Mario de la Ossa <mariodelaossa@gmail.com> 2018-05-21 20:59:29 -0600
committer: Mario de la Ossa <mariodelaossa@gmail.com> 2018-06-04 13:49:38 -0600
commit: 4dbd28eea455528abf351de980e3d878bedaf52e (patch)
tree: 90a802cb5ebe79e0bc592e816caa7e91525d65bf /app/controllers/groups
parent: fe0ebf76c49e2512b211c5d43152275c536f7e3a (diff)
download: gitlab-ce-4dbd28eea455528abf351de980e3d878bedaf52e.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/app/controllers/groups/group_members_controller.rb b/app/controllers/groups/group_members_controller.rb
index ef3eba80154..ef5d5e5c742 100644
--- a/app/controllers/groups/group_members_controller.rb
+++ b/app/controllers/groups/group_members_controller.rb
@@ -3,8 +3,12 @@ class Groups::GroupMembersController < Groups::ApplicationController
   include MembersPresentation
   include SortingHelper
 
+  def self.admin_not_required_endpoints
+    %i[index leave request_access]
+  end
+
   # Authorize
-  before_action :authorize_admin_group_member!, except: [:index, :leave, :request_access]
+  before_action :authorize_admin_group_member!, except: admin_not_required_endpoints
 
   skip_cross_project_access_check :index, :create, :update, :destroy, :request_access,
                                   :approve_access_request, :leave, :resend_invite,
author	Mario de la Ossa <mariodelaossa@gmail.com>	2018-05-21 20:59:29 -0600
committer	Mario de la Ossa <mariodelaossa@gmail.com>	2018-06-04 13:49:38 -0600
commit	4dbd28eea455528abf351de980e3d878bedaf52e (patch)
tree	90a802cb5ebe79e0bc592e816caa7e91525d65bf /app/controllers/groups
parent	fe0ebf76c49e2512b211c5d43152275c536f7e3a (diff)
download	gitlab-ce-4dbd28eea455528abf351de980e3d878bedaf52e.tar.gz