Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
iv
gitlab-ce
Commits
23a3ce94
Commit
23a3ce94
authored
Jun 29, 2016
by
Lin Jen-Shin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Use Ability to check pre-requisite. Change back to 403 because:
If we're using `can?` it would look weird to use 409
parent
deb5509f
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
14 additions
and
2 deletions
+14
-2
app/controllers/projects/runner_projects_controller.rb
app/controllers/projects/runner_projects_controller.rb
+1
-2
app/models/ability.rb
app/models/ability.rb
+13
-0
No files found.
app/controllers/projects/runner_projects_controller.rb
View file @
23a3ce94
...
...
@@ -6,8 +6,7 @@ class Projects::RunnerProjectsController < Projects::ApplicationController
def
create
@runner
=
Ci
::
Runner
.
find
(
params
[
:runner_project
][
:runner_id
])
return
head
(
409
)
if
@runner
.
is_shared?
||
@runner
.
locked?
return
head
(
409
)
unless
current_user
.
ci_authorized_runners
.
include?
(
@runner
)
return
head
(
403
)
unless
can?
(
current_user
,
:assign_runner
,
@runner
)
path
=
runners_path
(
project
)
runner_project
=
@runner
.
assign_to
(
project
,
current_user
)
...
...
app/models/ability.rb
View file @
23a3ce94
...
...
@@ -19,6 +19,7 @@ class Ability
when
ProjectMember
then
project_member_abilities
(
user
,
subject
)
when
User
then
user_abilities
when
ExternalIssue
,
Deployment
,
Environment
then
project_abilities
(
user
,
subject
.
project
)
when
Ci
::
Runner
then
runner_abilities
(
user
,
subject
)
else
[]
end
.
concat
(
global_abilities
(
user
))
end
...
...
@@ -512,6 +513,18 @@ class Ability
rules
end
def
runner_abilities
(
user
,
runner
)
if
user
.
is_admin?
[
:assign_runner
]
elsif
runner
.
is_shared?
||
runner
.
locked?
[]
elsif
user
.
ci_authorized_runners
.
include?
(
runner
)
[
:assign_runner
]
else
[]
end
end
def
user_abilities
[
:read_user
]
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment