Define authorize_update_pipeline_schedule and apply to :edit, :take_ownership, :update
This commit is contained in:
parent
c3635dd1cb
commit
ba63dcbfc6
1 changed files with 6 additions and 4 deletions
|
@ -1,11 +1,11 @@
|
|||
class Projects::PipelineSchedulesController < Projects::ApplicationController
|
||||
before_action :schedule, only: [:edit, :update, :destroy, :take_ownership]
|
||||
|
||||
before_action :authorize_read_pipeline_schedule!
|
||||
before_action :authorize_create_pipeline_schedule!, only: [:new, :create]
|
||||
before_action :authorize_update_pipeline_schedule!, only: [:edit, :take_ownership, :update]
|
||||
before_action :authorize_admin_pipeline_schedule!, only: [:destroy]
|
||||
|
||||
before_action :schedule, only: [:edit, :update, :destroy, :take_ownership]
|
||||
|
||||
def index
|
||||
@scope = params[:scope]
|
||||
@all_schedules = PipelineSchedulesFinder.new(@project).execute
|
||||
|
@ -33,8 +33,6 @@ class Projects::PipelineSchedulesController < Projects::ApplicationController
|
|||
end
|
||||
|
||||
def update
|
||||
return access_denied! unless can?(current_user, :update_pipeline_schedule, schedule)
|
||||
|
||||
if Ci::CreatePipelineScheduleService
|
||||
.new(@project, current_user, schedule_params).update(schedule)
|
||||
redirect_to namespace_project_pipeline_schedules_path(@project.namespace.becomes(Namespace), @project)
|
||||
|
@ -72,4 +70,8 @@ class Projects::PipelineSchedulesController < Projects::ApplicationController
|
|||
.permit(:description, :cron, :cron_timezone, :ref, :active,
|
||||
variables_attributes: [:id, :key, :value, :_destroy] )
|
||||
end
|
||||
|
||||
def authorize_update_pipeline_schedule!
|
||||
return access_denied! unless can?(current_user, :update_pipeline_schedule, schedule)
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in a new issue