1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
# frozen_string_literal: true
module ControllerWithCrossProjectAccessCheck
extend ActiveSupport::Concern
included do
extend Gitlab::CrossProjectAccess::ClassMethods
before_action :cross_project_check
end
def cross_project_check
authorize_cross_project_page! if Gitlab::CrossProjectAccess.find_check(self)&.should_run?(self)
end
def authorize_cross_project_page!
return if can?(current_user, :read_cross_project)
rejection_message = _(
"This page is unavailable because you are not allowed to read information " \
"across multiple projects."
)
access_denied!(rejection_message)
end
end
|
