Commit e7b2e1e1 authored by Thong Kuah's avatar Thong Kuah

Merge branch 'use_strong_parameters_for_forks_controller' into 'master'

Use strong_parameters for ForksController#index

See merge request gitlab-org/gitlab!79482
parents af4eb186 824dce63
...@@ -22,14 +22,14 @@ class Projects::ForksController < Projects::ApplicationController ...@@ -22,14 +22,14 @@ class Projects::ForksController < Projects::ApplicationController
end end
def index def index
@sort = params[:sort] @sort = forks_params[:sort]
@total_forks_count = project.forks.size @total_forks_count = project.forks.size
@public_forks_count = project.forks.public_only.size @public_forks_count = project.forks.public_only.size
@private_forks_count = @total_forks_count - project.forks.public_and_internal_only.size @private_forks_count = @total_forks_count - project.forks.public_and_internal_only.size
@internal_forks_count = @total_forks_count - @public_forks_count - @private_forks_count @internal_forks_count = @total_forks_count - @public_forks_count - @private_forks_count
@forks = load_forks.page(params[:page]) @forks = load_forks.page(forks_params[:page])
prepare_projects_for_rendering(@forks) prepare_projects_for_rendering(@forks)
...@@ -98,7 +98,7 @@ class Projects::ForksController < Projects::ApplicationController ...@@ -98,7 +98,7 @@ class Projects::ForksController < Projects::ApplicationController
def load_forks def load_forks
forks = ForkProjectsFinder.new( forks = ForkProjectsFinder.new(
project, project,
params: params.merge(search: params[:filter_projects]), params: forks_params.merge(search: forks_params[:filter_projects]),
current_user: current_user current_user: current_user
).execute ).execute
...@@ -117,6 +117,10 @@ class Projects::ForksController < Projects::ApplicationController ...@@ -117,6 +117,10 @@ class Projects::ForksController < Projects::ApplicationController
end end
end end
def forks_params
params.permit(:filter_projects, :sort, :page)
end
def fork_params def fork_params
params.permit(:path, :name, :description, :visibility).tap do |param| params.permit(:path, :name, :description, :visibility).tap do |param|
param[:namespace] = fork_namespace param[:namespace] = fork_namespace
......
...@@ -67,6 +67,18 @@ RSpec.describe Projects::ForksController do ...@@ -67,6 +67,18 @@ RSpec.describe Projects::ForksController do
expect(assigns[:private_forks_count]).to eq(0) expect(assigns[:private_forks_count]).to eq(0)
end end
end end
context 'when unsupported keys are provided' do
it 'ignores them' do
get :index, params: {
namespace_id: project.namespace,
project_id: project,
user: 'unsupported'
}
expect(assigns[:forks]).to be_present
end
end
end end
context 'when fork is internal' do context 'when fork is internal' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment