Ensure project snippets have their own access level

author: Rémy Coutable <remy@rymai.me> 2016-03-25 18:51:17 +0100
committer: Rémy Coutable <remy@rymai.me> 2016-03-25 18:51:17 +0100
commit: 4f07c0a107b86ea23834a6797989963f1a63f5c1 (patch)
tree: a9348baea79a6245304b8f4d5d0edfe5256b38af /app/controllers/projects/snippets_controller.rb
parent: f4bdefdff1861c0d0e2e6ae3418be969c2600b5f (diff)
download: gitlab-ce-4f07c0a107b86ea23834a6797989963f1a63f5c1.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb
index 383b86b68e0..6d2901a24a4 100644
--- a/app/controllers/projects/snippets_controller.rb
+++ b/app/controllers/projects/snippets_controller.rb
@@ -3,7 +3,7 @@ class Projects::SnippetsController < Projects::ApplicationController
   before_action :snippet, only: [:show, :edit, :destroy, :update, :raw]
 
   # Allow read any snippet
-  before_action :authorize_read_project_snippet!, except: [:index]
+  before_action :authorize_read_project_snippet!, except: [:new, :create, :index]
 
   # Allow write(create) snippet
   before_action :authorize_create_project_snippet!, only: [:new, :create]
author	Rémy Coutable <remy@rymai.me>	2016-03-25 18:51:17 +0100
committer	Rémy Coutable <remy@rymai.me>	2016-03-25 18:51:17 +0100
commit	4f07c0a107b86ea23834a6797989963f1a63f5c1 (patch)
tree	a9348baea79a6245304b8f4d5d0edfe5256b38af /app/controllers/projects/snippets_controller.rb
parent	f4bdefdff1861c0d0e2e6ae3418be969c2600b5f (diff)
download	gitlab-ce-4f07c0a107b86ea23834a6797989963f1a63f5c1.tar.gz