File: application_controller.rb

package info (click to toggle)
gitlab 17.6.5-19
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 629,368 kB
  • sloc: ruby: 1,915,304; javascript: 557,307; sql: 60,639; xml: 6,509; sh: 4,567; makefile: 1,239; python: 406
file content (108 lines) | stat: -rw-r--r-- 2,620 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
 
# frozen_string_literal: true

class Groups::ApplicationController < ApplicationController
  include RoutableActions
  include ControllerWithCrossProjectAccessCheck
  include SortingHelper
  include SortingPreference

  layout 'group'

  skip_before_action :authenticate_user!
  before_action :group
  before_action :set_sorting
  requires_cross_project_access

  before_action do
    push_namespace_setting(:math_rendering_limits_enabled, @group)
    push_frontend_feature_flag(:async_sidebar_counts, @group&.root_ancestor)
  end

  private

  def group
    @group ||= find_routable!(Group, params[:group_id] || params[:id], request.fullpath)
  end

  def group_projects
    @projects ||= GroupProjectsFinder.new(group: group, current_user: current_user).execute
  end

  def group_projects_with_subgroups
    @group_projects_with_subgroups ||= GroupProjectsFinder.new(
      group: group,
      current_user: current_user,
      options: { include_subgroups: true }
    ).execute
  end

  def authorize_admin_group!
    render_404 unless can?(current_user, :admin_group, group)
  end

  def authorize_create_deploy_token!
    render_404 unless can?(current_user, :create_deploy_token, group)
  end

  def authorize_destroy_deploy_token!
    render_404 unless can?(current_user, :destroy_deploy_token, group)
  end

  def authorize_admin_group_member!
    render_403 unless can?(current_user, :admin_group_member, group)
  end

  def authorize_owner_access!
    render_403 unless can?(current_user, :owner_access, group)
  end

  def authorize_billings_page!
    render_404 unless can?(current_user, :read_billing, group)
  end

  def authorize_read_group_member!
    render_403 unless can?(current_user, :read_group_member, group)
  end

  def build_canonical_path(group)
    params[:group_id] = group.to_param

    url_for(safe_params)
  end

  def set_sorting
    @group_projects_sort = set_sort_order(Project::SORTING_PREFERENCE_FIELD, sort_value_name) if has_project_list?
  end

  def has_project_list?
    false
  end

  def validate_crm_group!
    render_404 unless group.crm_group?
  end

  def authorize_action!(action)
    access_denied! unless can?(current_user, action, group)
  end

  def respond_to_missing?(method, *args)
    case method.to_s
    when /\Aauthorize_(.*)!\z/
      true
    else
      super
    end
  end

  def method_missing(method_sym, *arguments, &block)
    case method_sym.to_s
    when /\Aauthorize_(.*)!\z/
      authorize_action!(Regexp.last_match(1).to_sym)
    else
      super
    end
  end
end

Groups::ApplicationController.prepend_mod_with('Groups::ApplicationController')