Commit d8d9d0c7 authored Jan 10, 2017 by Rémy Coutable
Refactor authorized params in Admin::UsersController
Signed-off-by: Rémy Coutable <remy@rymai.me>
parent 83c1395a
Showing 2 changed files with 32 additions and 27 deletions
app/controllers/admin/application_settings_controller.rb +0 -18
app/controllers/admin/users_controller.rb +32 -9
app/controllers/admin/application_settings_controller.rb
...
@@ -76,43 +76,33 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
...
@@ -76,43 +76,33 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
:admin_notification_email
,
:admin_notification_email
,
:after_sign_out_path
,
:after_sign_out_path
,
:after_sign_up_text
,
:after_sign_up_text
,
:akismet_api_key
,
:akismet_api_key
,
:akismet_enabled
,
:akismet_enabled
,
:container_registry_token_expire_delay
,
:container_registry_token_expire_delay
,
:default_branch_protection
,
:default_branch_protection
,
:default_group_visibility
,
:default_group_visibility
,
:default_project_visibility
,
:default_project_visibility
,
:default_projects_limit
,
:default_projects_limit
,
:default_snippet_visibility
,
:default_snippet_visibility
,
:domain_blacklist_enabled
,
:domain_blacklist_enabled
,
:domain_blacklist_file
,
:domain_blacklist_file
,
:domain_blacklist_raw
,
:domain_blacklist_raw
,
:domain_whitelist_raw
,
:domain_whitelist_raw
,
:email_author_in_body
,
:email_author_in_body
,
:enabled_git_access_protocol
,
:enabled_git_access_protocol
,
:gravatar_enabled
,
:gravatar_enabled
,
:help_page_text
,
:help_page_text
,
:home_page_url
,
:home_page_url
,
:housekeeping_bitmaps_enabled
,
:housekeeping_bitmaps_enabled
,
:housekeeping_enabled
,
:housekeeping_enabled
,
:housekeeping_full_repack_period
,
:housekeeping_full_repack_period
,
:housekeeping_gc_period
,
:housekeeping_gc_period
,
:housekeeping_incremental_repack_period
,
:housekeeping_incremental_repack_period
,
:html_emails_enabled
,
:html_emails_enabled
,
:koding_enabled
,
:koding_enabled
,
:koding_url
,
:koding_url
,
:max_artifacts_size
,
:max_artifacts_size
,
:max_attachment_size
,
:max_attachment_size
,
:metrics_enabled
,
:metrics_enabled
,
:metrics_host
,
:metrics_host
,
:metrics_method_call_threshold
,
:metrics_method_call_threshold
,
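Review bot: the commit title names only Admin::UsersController, but this hunk is in Admin::ApplicationSettingsController and its header shrinks the region from 43 to 33 lines, so the commit message should say what is dropped here, or the change should be split into its own commit. Every key visible in this part of the permit list (:admin_notification_email through :metrics_method_call_threshold) appears unchanged on both sides, so a reader of the rendered diff cannot tell what the removed lines were; if the change is whitespace-only, state that explicitly.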
...
@@ -121,30 +111,22 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
...
@@ -121,30 +111,22 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
:metrics_port
,
:metrics_port
,
:metrics_sample_interval
,
:metrics_sample_interval
,
:metrics_timeout
,
:metrics_timeout
,
:recaptcha_enabled
,
:recaptcha_enabled
,
:recaptcha_private_key
,
:recaptcha_private_key
,
:recaptcha_site_key
,
:recaptcha_site_key
,
:repository_checks_enabled
,
:repository_checks_enabled
,
:require_two_factor_authentication
,
:require_two_factor_authentication
,
:session_expire_delay
,
:session_expire_delay
,
:sign_in_text
,
:sign_in_text
,
:signin_enabled
,
:signin_enabled
,
:signup_enabled
,
:signup_enabled
,
:sentry_dsn
,
:sentry_dsn
,
:sentry_enabled
,
:sentry_enabled
,
:send_user_confirmation_email
,
:send_user_confirmation_email
,
:shared_runners_enabled
,
:shared_runners_enabled
,
:shared_runners_text
,
:shared_runners_text
,
:sidekiq_throttling_enabled
,
:sidekiq_throttling_enabled
,
:sidekiq_throttling_factor
,
:sidekiq_throttling_factor
,
:two_factor_grace_period
,
:two_factor_grace_period
,
:user_default_external
,
:user_default_external
,
:user_oauth_applications
,
:user_oauth_applications
,
...
...
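Review bot: there is no test visible that pins the permitted key set, and this hunk touches a list (30 lines down to 22 per the header) that carries secrets and authentication switches such as :recaptcha_private_key, :sentry_dsn, :require_two_factor_authentication and :signin_enabled. A controller spec that asserts the exact permitted keys before and after would show that trimming this list dropped or added nothing.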
app/controllers/admin/users_controller.rb
...
@@ -161,15 +161,6 @@ class Admin::UsersController < Admin::ApplicationController
...
@@ -161,15 +161,6 @@ class Admin::UsersController < Admin::ApplicationController
@user
||=
User
.
find_by!
(
username:
params
[
:id
])
@user
||=
User
.
find_by!
(
username:
params
[
:id
])
end
end
def
user_params
params
.
require
(
:user
).
permit
(
:email
,
:remember_me
,
:bio
,
:name
,
:username
,
:skype
,
:linkedin
,
:twitter
,
:website_url
,
:color_scheme_id
,
:theme_id
,
:force_random_password
,
:extern_uid
,
:provider
,
:password_expires_at
,
:avatar
,
:hide_no_ssh_key
,
:hide_no_password
,
:projects_limit
,
:can_create_group
,
:admin
,
:key_id
,
:external
)
end
def
redirect_back_or_admin_user
(
options
=
{})
def
redirect_back_or_admin_user
(
options
=
{})
redirect_back_or_default
(
default:
default_route
,
options:
options
)
redirect_back_or_default
(
default:
default_route
,
options:
options
)
end
end
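Review bot: removing user_params from this position while its replacement further down is re-sorted alphabetically makes the change hard to audit, because the list removed here (:email, :remember_me, :bio ... :key_id, :external) is in ad-hoc order and cannot be compared line by line with the added one. Sorting both by hand, the removed and the added lists contain the same 23 keys, including :admin, :external and :projects_limit; say in the commit message that the permitted set is unchanged so later readers do not have to repeat the comparison.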
...
@@ -177,4 +168,36 @@ class Admin::UsersController < Admin::ApplicationController
...
@@ -177,4 +168,36 @@ class Admin::UsersController < Admin::ApplicationController
def
default_route
def
default_route
[
:admin
,
@user
]
[
:admin
,
@user
]
end
end
def
user_params
params
.
require
(
:user
).
permit
(
user_params_ce
)
end
def
user_params_ce
[
:admin
,
:avatar
,
:bio
,
:can_create_group
,
:color_scheme_id
,
:email
,
:extern_uid
,
:external
,
:force_random_password
,
:hide_no_password
,
:hide_no_ssh_key
,
:key_id
,
:linkedin
,
:name
,
:password_expires_at
,
:projects_limit
,
:provider
,
:remember_me
,
:skype
,
:theme_id
,
:twitter
,
:username
,
:website_url
]
end
end
end
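Review bot: user_params_ce has no comment explaining the _ce suffix or why the list is split out of user_params, so add a one-line comment on its purpose above the method. The array permits privilege-bearing attributes (:admin, :external, :can_create_group, :projects_limit), so anything later merged into it widens what the admin user form can mass-assign; a frozen constant would avoid rebuilding the array on every call and make additions easier to spot in review. Also confirm that both new methods sit below the controller's protected or private keyword, which this hunk does not show.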