From 973bd4622dec2c326d05a047b93a7b67c9196fb4 Mon Sep 17 00:00:00 2001 From: James Edwards-Jones Date: Sun, 25 Mar 2018 00:54:56 +0000 Subject: ProtectedBranchPolicy used from Controller for destroy/update --- app/services/protected_branches/create_service.rb | 17 +++++++++++++---- app/services/protected_branches/destroy_service.rb | 2 ++ 2 files changed, 15 insertions(+), 4 deletions(-) (limited to 'app/services') diff --git a/app/services/protected_branches/create_service.rb b/app/services/protected_branches/create_service.rb index 6212fd69077..9d947f73af1 100644 --- a/app/services/protected_branches/create_service.rb +++ b/app/services/protected_branches/create_service.rb @@ -1,11 +1,20 @@ module ProtectedBranches class CreateService < BaseService - attr_reader :protected_branch - def execute(skip_authorization: false) - raise Gitlab::Access::AccessDeniedError unless skip_authorization || can?(current_user, :admin_project, project) + raise Gitlab::Access::AccessDeniedError unless skip_authorization || authorized? + + protected_branch.save + protected_branch + end + + def authorized? + can?(current_user, :create_protected_branch, protected_branch) + end + + private - project.protected_branches.create(params) + def protected_branch + @protected_branch ||= project.protected_branches.new(params) end end end diff --git a/app/services/protected_branches/destroy_service.rb b/app/services/protected_branches/destroy_service.rb index 74fdb900c56..8172c896e76 100644 --- a/app/services/protected_branches/destroy_service.rb +++ b/app/services/protected_branches/destroy_service.rb @@ -1,6 +1,8 @@ module ProtectedBranches class DestroyService < BaseService def execute(protected_branch) + raise Gitlab::Access::AccessDeniedError unless can?(current_user, :destroy_protected_branch, protected_branch) + protected_branch.destroy end end -- cgit v1.2.1