Merge remote-tracking branch 'origin/master' into ide

author: Luke "Jared" Bennett <lbennett@gitlab.com> 2017-07-31 17:24:13 +0100
committer: Luke "Jared" Bennett <lbennett@gitlab.com> 2017-07-31 17:24:13 +0100
commit: 0ac012f0ad14e8a77eedb026a2de12bf59fa5881 (patch)
tree: ac4693a27c1ad2c5d37b5884f4ac316f4d56b0f7 /app/controllers
parent: 933cfe1e0c493964052b664c2426a90f845f0042 (diff)
parent: 2519027442a5645cc9467e842172143e3f56c7c3 (diff)
download: gitlab-ce-0ac012f0ad14e8a77eedb026a2de12bf59fa5881.tar.gz
2 files changed, 22 insertions, 2 deletions
diff --git a/app/controllers/concerns/notes_actions.rb b/app/controllers/concerns/notes_actions.rb
index a57d9e6e6c0..af5f683bab5 100644
--- a/app/controllers/concerns/notes_actions.rb
+++ b/app/controllers/concerns/notes_actions.rb
@@ -4,6 +4,7 @@ module NotesActions
 
   included do
     before_action :authorize_admin_note!, only: [:update, :destroy]
+    before_action :note_project, only: [:create]
   end
 
   def index
@@ -28,7 +29,8 @@ module NotesActions
       merge_request_diff_head_sha: params[:merge_request_diff_head_sha],
       in_reply_to_discussion_id: params[:in_reply_to_discussion_id]
     )
-    @note = Notes::CreateService.new(project, current_user, create_params).execute
+
+    @note = Notes::CreateService.new(note_project, current_user, create_params).execute
 
     if @note.is_a?(Note)
       Banzai::NoteRenderer.render([@note], @project, current_user)
@@ -177,4 +179,22 @@ module NotesActions
   def notes_finder
     @notes_finder ||= NotesFinder.new(project, current_user, finder_params)
   end
+
+  def note_project
+    return @note_project if defined?(@note_project)
+    return nil unless project
+
+    note_project_id = params[:note_project_id]
+
+    @note_project =
+      if note_project_id.present?
+        Project.find(note_project_id)
+      else
+        project
+      end
+
+    return access_denied! unless can?(current_user, :create_note, @note_project)
+
+    @note_project
+  end
 end
diff --git a/app/controllers/projects/branches_controller.rb b/app/controllers/projects/branches_controller.rb
index 86058531179..747768eefb1 100644
--- a/app/controllers/projects/branches_controller.rb
+++ b/app/controllers/projects/branches_controller.rb
@@ -8,7 +8,7 @@ class Projects::BranchesController < Projects::ApplicationController
   before_action :authorize_push_code!, only: [:new, :create, :destroy, :destroy_all_merged]
 
   def index
-    @sort = params[:sort].presence || sort_value_name
+    @sort = params[:sort].presence || sort_value_recently_updated
     @branches = BranchesFinder.new(@repository, params).execute
     @branches = Kaminari.paginate_array(@branches).page(params[:page])
author	Luke "Jared" Bennett <lbennett@gitlab.com>	2017-07-31 17:24:13 +0100
committer	Luke "Jared" Bennett <lbennett@gitlab.com>	2017-07-31 17:24:13 +0100
commit	0ac012f0ad14e8a77eedb026a2de12bf59fa5881 (patch)
tree	ac4693a27c1ad2c5d37b5884f4ac316f4d56b0f7 /app/controllers
parent	933cfe1e0c493964052b664c2426a90f845f0042 (diff)
parent	2519027442a5645cc9467e842172143e3f56c7c3 (diff)
download	gitlab-ce-0ac012f0ad14e8a77eedb026a2de12bf59fa5881.tar.gz