Update controller filters

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Update controller filters
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
d63371ad · Dmitriy Zaporozhets · 342d5537 · d63371ad · d63371ad · d63371ad
Commit d63371ad authored Jun 26, 2015 by Dmitriy Zaporozhets
6 changed files
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -6,10 +6,10 @@ class Projects::IssuesController < Projects::ApplicationController
  before_action :authorize_read_issue!

  # Allow write(create) issue
-  before_action :authorize_write_issue!, only: [:new, :create]
+  before_action :authorize_create_issue!, only: [:new, :create]

  # Allow modify issue
-  before_action :authorize_modify_issue!, only: [:edit, :update]
+  before_action :authorize_update_issue!, only: [:edit, :update]

  # Allow issues bulk update
  before_action :authorize_admin_issues!, only: [:bulk_update]
@@ -122,7 +122,7 @@ class Projects::IssuesController < Projects::ApplicationController
               end
  end

-  def authorize_modify_issue!
+  def authorize_update_issue!
    return render_404 unless can?(current_user, :update_issue, @issue)
  end


--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -14,10 +14,10 @@ class Projects::MergeRequestsController < Projects::ApplicationController
  before_action :authorize_read_merge_request!

  # Allow write(create) merge_request
-  before_action :authorize_write_merge_request!, only: [:new, :create]
+  before_action :authorize_create_merge_request!, only: [:new, :create]

  # Allow modify merge_request
-  before_action :authorize_modify_merge_request!, only: [:close, :edit, :update, :sort]
+  before_action :authorize_update_merge_request!, only: [:close, :edit, :update, :sort]

  def index
    terms = params['issue_search']
@@ -218,7 +218,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
    @closes_issues ||= @merge_request.closes_issues
  end

-  def authorize_modify_merge_request!
+  def authorize_update_merge_request!
    return render_404 unless can?(current_user, :update_merge_request, @merge_request)
  end


--- a/app/controllers/projects/notes_controller.rb
+++ b/app/controllers/projects/notes_controller.rb
 class Projects::NotesController < Projects::ApplicationController
  # Authorize
  before_action :authorize_read_note!
-  before_action :authorize_write_note!, only: [:create]
+  before_action :authorize_create_note!, only: [:create]
  before_action :authorize_admin_note!, only: [:update, :destroy]
  before_action :find_current_user_notes, except: [:destroy, :delete_attachment]


--- a/app/controllers/projects/snippets_controller.rb
+++ b/app/controllers/projects/snippets_controller.rb
@@ -6,10 +6,10 @@ class Projects::SnippetsController < Projects::ApplicationController
  before_action :authorize_read_project_snippet!

  # Allow write(create) snippet
-  before_action :authorize_write_project_snippet!, only: [:new, :create]
+  before_action :authorize_create_project_snippet!, only: [:new, :create]

  # Allow modify snippet
-  before_action :authorize_modify_project_snippet!, only: [:edit, :update]
+  before_action :authorize_update_project_snippet!, only: [:edit, :update]

  # Allow destroy snippet
  before_action :authorize_admin_project_snippet!, only: [:destroy]
@@ -75,7 +75,7 @@ class Projects::SnippetsController < Projects::ApplicationController
    @snippet ||= @project.snippets.find(params[:id])
  end

-  def authorize_modify_project_snippet!
+  def authorize_update_project_snippet!
    return render_404 unless can?(current_user, :update_project_snippet, @snippet)
  end


--- a/app/controllers/projects/wikis_controller.rb
+++ b/app/controllers/projects/wikis_controller.rb
@@ -2,7 +2,7 @@ require 'project_wiki'

 class Projects::WikisController < Projects::ApplicationController
  before_action :authorize_read_wiki!
-  before_action :authorize_write_wiki!, only: [:edit, :create, :history]
+  before_action :authorize_create_wiki!, only: [:edit, :create, :history]
  before_action :authorize_admin_wiki!, only: :destroy
  before_action :load_project_wiki
  include WikiHelper

--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -2,7 +2,7 @@ class SnippetsController < ApplicationController
  before_action :snippet, only: [:show, :edit, :destroy, :update, :raw]

  # Allow modify snippet
-  before_action :authorize_modify_snippet!, only: [:edit, :update]
+  before_action :authorize_update_snippet!, only: [:edit, :update]

  # Allow destroy snippet
  before_action :authorize_admin_snippet!, only: [:destroy]
@@ -87,7 +87,7 @@ class SnippetsController < ApplicationController
                 end
  end

-  def authorize_modify_snippet!
+  def authorize_update_snippet!
    return render_404 unless can?(current_user, :update_personal_snippet, @snippet)
  end