Add Secret support for Snippets13235-secret-snippets

Snippets can now be created as type Secret which
are non-searched Snippets that can accessed
publicly if the correct secret_word is known.

1 files changed, 7 insertions, 6 deletions

diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb
index 5805d068e21..3e838b298c7 100644
--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -5,6 +5,8 @@ class SnippetsController < ApplicationController
   include ToggleAwardEmoji
   include SpammableActions
   include SnippetsActions
+  include SnippetsHelper
+  include SnippetsUrl
   include RendersBlob
   include PreviewMarkdown
   include PaginatedCollection
@@ -18,6 +20,9 @@ class SnippetsController < ApplicationController
   # Allow read snippet
   before_action :authorize_read_snippet!, only: [:show, :raw]
 
+  # Ensure we're displaying the correct url, specifically for secret snippets
+  before_action :ensure_complete_url, only: [:show, :raw]
+
   # Allow modify snippet
   before_action :authorize_update_snippet!, only: [:edit, :update]
 
@@ -119,17 +124,13 @@ class SnippetsController < ApplicationController
   alias_method :spammable, :snippet
 
   def spammable_path
-    snippet_path(@snippet)
+    reliable_snippet_path(@snippet)
   end
 
   def authorize_read_snippet!
     return if can?(current_user, :read_personal_snippet, @snippet)
 
-    if current_user
-      render_404
-    else
-      authenticate_user!
-    end
+    authorize_secret_snippet!
   end
 
   def authorize_update_snippet!