Add a comment about implementing proper policies for group runner permissions
This commit is contained in:
parent
8f29d9c6ee
commit
131ca31b23
2 changed files with 5 additions and 0 deletions
|
@ -1,5 +1,8 @@
|
||||||
class Groups::RunnersController < Groups::ApplicationController
|
class Groups::RunnersController < Groups::ApplicationController
|
||||||
|
# Proper policies should be implemented per
|
||||||
|
# https://gitlab.com/gitlab-org/gitlab-ce/issues/45894
|
||||||
before_action :authorize_admin_pipeline!
|
before_action :authorize_admin_pipeline!
|
||||||
|
|
||||||
before_action :runner, only: [:edit, :update, :destroy, :pause, :resume, :show]
|
before_action :runner, only: [:edit, :update, :destroy, :pause, :resume, :show]
|
||||||
|
|
||||||
def show
|
def show
|
||||||
|
|
|
@ -4,6 +4,8 @@
|
||||||
GitLab Group Runners can execute code for all the projects in this group.
|
GitLab Group Runners can execute code for all the projects in this group.
|
||||||
They can be managed using the #{link_to 'Runners API', help_page_path('api/runners.md')}.
|
They can be managed using the #{link_to 'Runners API', help_page_path('api/runners.md')}.
|
||||||
|
|
||||||
|
-# Proper policies should be implemented per
|
||||||
|
-# https://gitlab.com/gitlab-org/gitlab-ce/issues/45894
|
||||||
- if can?(current_user, :admin_pipeline, @group)
|
- if can?(current_user, :admin_pipeline, @group)
|
||||||
= render partial: 'ci/runner/how_to_setup_runner',
|
= render partial: 'ci/runner/how_to_setup_runner',
|
||||||
locals: { registration_token: @group.runners_token, type: 'group' }
|
locals: { registration_token: @group.runners_token, type: 'group' }
|
||||||
|
|
Loading…
Reference in a new issue