diff options
| author | Alex Denisov <1101.debian@gmail.com> | 2012-09-10 09:19:15 +0300 |
|---|---|---|
| committer | Alex Denisov <1101.debian@gmail.com> | 2012-09-10 09:19:15 +0300 |
| commit | 77bfc591bf5836892be26059d92411f9fbf04be9 (patch) | |
| tree | 27b334a35a3ed82cf1f99dec237364718cdde878 /lib/api/helpers.rb | |
| parent | 85db51f660c4d861c9adf97ed114d4bd4d14ff7d (diff) | |
| parent | b565f33472d960e37ed41a8a0c09fbbc3ea65f1e (diff) | |
| download | gitlab-ce-77bfc591bf5836892be26059d92411f9fbf04be9.tar.gz | |
Merge 'master' branch
Diffstat (limited to 'lib/api/helpers.rb')
| -rw-r--r-- | lib/api/helpers.rb | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index ce7b7b497fc..c0ba874790a 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -21,5 +21,21 @@ module Gitlab def authenticate! error!({'message' => '401 Unauthorized'}, 401) unless current_user end + + def authorize! action, subject + unless abilities.allowed?(current_user, action, subject) + error!({'message' => '403 Forbidden'}, 403) + end + end + + private + + def abilities + @abilities ||= begin + abilities = Six.new + abilities << Ability + abilities + end + end end end |