From 680f437715dcf7a8871aa997559cf57362b43217 Mon Sep 17 00:00:00 2001 From: Stan Hu Date: Tue, 27 Aug 2019 10:31:59 -0700 Subject: Fix snippets API not working with visibility level When a restricted visibility level of `private` is set in the instance, creating a snippet with the `visibility` level would always fail. This happened because: 1. `params[:visibility]` was a string (e.g. "public") 2. `CreateSnippetService` and `UpdateSnippetService` only looked at `params[:visibility_level]`, which was `nil`. To fix this, we: 1. Make `CreateSnippetService` look at the newly-built `snippet.visibility_level`, since the right value is assigned by the `VisibilityLevel#visibility=` method. 2. Modify `UpdateSnippetService` to handle both `visibility_level` and `visibility` parameters. Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/66050 --- app/services/update_snippet_service.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'app/services/update_snippet_service.rb') diff --git a/app/services/update_snippet_service.rb b/app/services/update_snippet_service.rb index 2969c360de5..a294812ef9e 100644 --- a/app/services/update_snippet_service.rb +++ b/app/services/update_snippet_service.rb @@ -12,7 +12,7 @@ class UpdateSnippetService < BaseService def execute # check that user is allowed to set specified visibility_level - new_visibility = params[:visibility_level] + new_visibility = visibility_level if new_visibility && new_visibility.to_i != snippet.visibility_level unless Gitlab::VisibilityLevel.allowed_for?(current_user, new_visibility) -- cgit v1.2.1