gitlab-org--gitlab-foss/app/services/create_snippet_service.rb
Stan Hu 680f437715 Fix snippets API not working with visibility level
When a restricted visibility level of `private` is set in the instance,
creating a snippet with the `visibility` level would always fail.
This happened because:

1. `params[:visibility]` was a string (e.g. "public")
2. `CreateSnippetService` and `UpdateSnippetService` only looked
   at `params[:visibility_level]`, which was `nil`.

To fix this, we:

1. Make `CreateSnippetService` look at the newly-built
   `snippet.visibility_level`, since the right value is assigned by the
   `VisibilityLevel#visibility=` method.
2. Modify `UpdateSnippetService` to handle both `visibility_level` and
`visibility` parameters.

Closes https://gitlab.com/gitlab-org/gitlab-ce/issues/66050
2019-08-28 22:49:58 -07:00

31 lines
700 B
Ruby

# frozen_string_literal: true
class CreateSnippetService < BaseService
include SpamCheckService
def execute
filter_spam_check_params
snippet = if project
project.snippets.build(params)
else
PersonalSnippet.new(params)
end
unless Gitlab::VisibilityLevel.allowed_for?(current_user, snippet.visibility_level)
deny_visibility_level(snippet)
return snippet
end
snippet.author = current_user
spam_check(snippet, current_user)
if snippet.save
UserAgentDetailService.new(snippet, @request).create
Gitlab::UsageDataCounters::SnippetCounter.count(:create)
end
snippet
end
end