From 30c6db8f0354847c275335c120d7218c0098c41f Mon Sep 17 00:00:00 2001
From: Mark Chao <mchao@gitlab.com>
Date: Tue, 11 Dec 2018 14:28:06 +0800
Subject: Move embeddable? to model to be used outside view

---
 app/models/snippet.rb | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'app/models/snippet.rb')

diff --git a/app/models/snippet.rb b/app/models/snippet.rb
index 11856b55902..e623ee8161f 100644
--- a/app/models/snippet.rb
+++ b/app/models/snippet.rb
@@ -175,6 +175,14 @@ class Snippet < ActiveRecord::Base
     :visibility_level
   end
 
+  def embeddable?
+    if project_id?
+      Ability.allowed?(nil, :read_project_snippet, self)
+    else
+      Ability.allowed?(nil, :read_personal_snippet, self)
+    end
+  end
+
   def notes_with_associations
     notes.includes(:author)
   end
-- 
cgit v1.2.1


From ed0d691e0dfba54cd8f03706afd011afe4063a7a Mon Sep 17 00:00:00 2001
From: Mark Chao <mchao@gitlab.com>
Date: Tue, 11 Dec 2018 14:32:25 +0800
Subject: Block private snippets from being embeddable

---
 app/models/snippet.rb | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

(limited to 'app/models/snippet.rb')

diff --git a/app/models/snippet.rb b/app/models/snippet.rb
index e623ee8161f..f9b23bbbf6c 100644
--- a/app/models/snippet.rb
+++ b/app/models/snippet.rb
@@ -176,11 +176,9 @@ class Snippet < ActiveRecord::Base
   end
 
   def embeddable?
-    if project_id?
-      Ability.allowed?(nil, :read_project_snippet, self)
-    else
-      Ability.allowed?(nil, :read_personal_snippet, self)
-    end
+    ability = project_id? ? :read_project_snippet : :read_personal_snippet
+
+    Ability.allowed?(nil, ability, self)
   end
 
   def notes_with_associations
-- 
cgit v1.2.1