Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
gitlab-ce
Commits
814d853a
Commit
814d853a
authored
8 years ago
by
Grzegorz Bizon
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fix deprecated CI build status badge permissions
parent
32929407
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
56 additions
and
0 deletions
+56
-0
app/controllers/ci/projects_controller.rb
app/controllers/ci/projects_controller.rb
+3
-0
spec/controllers/ci/projects_controller_spec.rb
spec/controllers/ci/projects_controller_spec.rb
+53
-0
No files found.
app/controllers/ci/projects_controller.rb
View file @
814d853a
...
...
@@ -3,6 +3,7 @@ module Ci
before_action
:project
before_action
:authorize_read_project!
,
except:
[
:badge
]
before_action
:no_cache
,
only:
[
:badge
]
skip_before_action
:authenticate_user!
,
only:
[
:badge
]
protect_from_forgery
def
show
...
...
@@ -18,6 +19,8 @@ module Ci
#
def
badge
return
render_404
unless
@project
authenticate_user!
unless
@project
.
public?
image
=
Ci
::
ImageForBuildService
.
new
.
execute
(
@project
,
params
)
send_file
image
.
path
,
filename:
image
.
name
,
disposition:
'inline'
,
type
:"image/svg+xml"
end
...
...
This diff is collapsed.
Click to expand it.
spec/controllers/ci/projects_controller_spec.rb
0 → 100644
View file @
814d853a
require
'spec_helper'
describe
Ci
::
ProjectsController
do
let
(
:visibility
)
{
:public
}
let!
(
:project
)
{
create
(
:project
,
visibility
,
ci_id:
1
)
}
let
(
:ci_id
)
{
project
.
ci_id
}
##
# Specs for *deprecated* CI badge
#
describe
'#badge'
do
context
'user not signed in'
before
{
get
(
:badge
,
id:
ci_id
)
}
context
'project has no ci_id reference'
do
let
(
:ci_id
)
{
123
}
it
'returns 404'
do
expect
(
response
.
status
).
to
eq
404
end
end
context
'project is public'
do
let
(
:visibility
)
{
:public
}
it
'is available without authentication'
do
expect
(
response
.
status
).
to
eq
200
end
end
context
'project is private'
do
let
(
:visibility
)
{
:private
}
it
'requires authentication'
do
expect
(
response
.
status
).
to
eq
302
end
end
context
'user signed in'
do
let
(
:user
)
{
create
(
:user
)
}
before
{
sign_in
(
user
)
}
before
{
get
(
:badge
,
id:
ci_id
)
}
context
'private is internal'
do
let
(
:visibility
)
{
:internal
}
it
'shows badge to signed in user'
do
expect
(
response
.
status
).
to
eq
200
end
end
end
end
end
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment