application_controller.rb 1.73 KB
Newer Older
1
module Ci
2
  class ApplicationController < ::ApplicationController
3 4
    before_action :check_enable_flag!

5 6 7 8
    def self.railtie_helpers_paths
      "app/helpers/ci"
    end

9
    helper_method :gl_project
10 11 12

    private

13 14 15 16 17 18 19
    def check_enable_flag!
      unless current_application_settings.ci_enabled
        redirect_to(disabled_ci_projects_path)
        return
      end
    end

20 21
    def authenticate_public_page!
      unless project.public
22
        authenticate_user!
23

24
        return access_denied! unless can?(current_user, :read_project, gl_project)
25 26 27 28 29 30 31 32 33 34
      end
    end

    def authenticate_token!
      unless project.valid_token?(params[:token])
        return head(403)
      end
    end

    def authorize_access_project!
35
      unless can?(current_user, :read_project, gl_project)
36 37 38 39
        return page_404
      end
    end

40
    def authorize_manage_builds!
Kamil Trzcinski's avatar
Kamil Trzcinski committed
41
      unless can?(current_user, :manage_builds, gl_project)
42 43 44 45
        return page_404
      end
    end

46 47 48 49
    def authenticate_admin!
      return render_404 unless current_user.is_admin?
    end

50
    def authorize_manage_project!
51
      unless can?(current_user, :admin_project, gl_project)
52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78
        return page_404
      end
    end

    def page_404
      render file: "#{Rails.root}/public/404.html", status: 404, layout: false
    end

    def default_headers
      headers['X-Frame-Options'] = 'DENY'
      headers['X-XSS-Protection'] = '1; mode=block'
    end

    # JSON for infinite scroll via Pager object
    def pager_json(partial, count)
      html = render_to_string(
        partial,
        layout: false,
        formats: [:html]
      )

      render json: {
        html: html,
        count: count
      }
    end

79 80 81
    def gl_project
      ::Project.find(@project.gitlab_id)
    end
82 83
  end
end