Commit 5a4ebfb4 authored by Jeroen van Baarsen's avatar Jeroen van Baarsen

Fixed the Rails/ActionFilter cop

Signed-off-by: default avatarJeroen van Baarsen <jeroenvanbaarsen@gmail.com>
parent 76aade28
......@@ -954,7 +954,7 @@ Lint/Void:
Rails/ActionFilter:
Description: 'Enforces consistent use of action filter methods.'
Enabled: false
Enabled: true
Rails/DefaultScope:
Description: 'Checks if the argument passed to default_scope is a block.'
......
......@@ -3,7 +3,7 @@
# Automatically sets the layout and ensures an administrator is logged in
class Admin::ApplicationController < ApplicationController
layout 'admin'
before_filter :authenticate_admin!
before_action :authenticate_admin!
def authenticate_admin!
return render_404 unless current_user.is_admin?
......
class Admin::ApplicationSettingsController < Admin::ApplicationController
before_filter :set_application_setting
before_action :set_application_setting
def show
end
......
class Admin::BroadcastMessagesController < Admin::ApplicationController
before_filter :broadcast_messages
before_action :broadcast_messages
def index
@broadcast_message = BroadcastMessage.new
......
class Admin::DeployKeysController < Admin::ApplicationController
before_filter :deploy_keys, only: [:index]
before_filter :deploy_key, only: [:show, :destroy]
before_action :deploy_keys, only: [:index]
before_action :deploy_key, only: [:show, :destroy]
def index
......
class Admin::GroupsController < Admin::ApplicationController
before_filter :group, only: [:edit, :show, :update, :destroy, :project_update, :members_update]
before_action :group, only: [:edit, :show, :update, :destroy, :project_update, :members_update]
def index
@groups = Group.all
......
class Admin::KeysController < Admin::ApplicationController
before_filter :user, only: [:show, :destroy]
before_action :user, only: [:show, :destroy]
def show
@key = user.keys.find(params[:id])
......
class Admin::ProjectsController < Admin::ApplicationController
before_filter :project, only: [:show, :transfer]
before_filter :group, only: [:show, :transfer]
before_filter :repository, only: [:show, :transfer]
before_action :project, only: [:show, :transfer]
before_action :group, only: [:show, :transfer]
before_action :repository, only: [:show, :transfer]
def index
@projects = Project.all
......
class Admin::ServicesController < Admin::ApplicationController
before_filter :service, only: [:edit, :update]
before_action :service, only: [:edit, :update]
def index
@services = services_templates
......
class Admin::UsersController < Admin::ApplicationController
before_filter :user, only: [:show, :edit, :update, :destroy]
before_action :user, only: [:show, :edit, :update, :destroy]
def index
@users = User.order_name_asc.filter(params[:filter])
......
......@@ -6,15 +6,15 @@ class ApplicationController < ActionController::Base
PER_PAGE = 20
before_filter :authenticate_user_from_token!
before_filter :authenticate_user!
before_filter :reject_blocked!
before_filter :check_password_expiration
before_filter :ldap_security_check
before_filter :default_headers
before_filter :add_gon_variables
before_filter :configure_permitted_parameters, if: :devise_controller?
before_filter :require_email, unless: :devise_controller?
before_action :authenticate_user_from_token!
before_action :authenticate_user!
before_action :reject_blocked!
before_action :check_password_expiration
before_action :ldap_security_check
before_action :default_headers
before_action :add_gon_variables
before_action :configure_permitted_parameters, if: :devise_controller?
before_action :require_email, unless: :devise_controller?
protect_from_forgery with: :exception
......
class Dashboard::MilestonesController < ApplicationController
before_filter :load_projects
before_action :load_projects
def index
project_milestones = case params[:state]
......
class Dashboard::ProjectsController < ApplicationController
before_filter :event_filter
before_action :event_filter
def starred
@projects = current_user.starred_projects
......
class DashboardController < ApplicationController
respond_to :html
before_filter :load_projects, except: [:projects]
before_filter :event_filter, only: :show
before_action :load_projects, except: [:projects]
before_action :event_filter, only: :show
def show
@projects = @projects.includes(:namespace)
......
class Explore::GroupsController < ApplicationController
skip_before_filter :authenticate_user!,
skip_before_action :authenticate_user!,
:reject_blocked, :set_current_user_for_observers
layout "explore"
......
class Explore::ProjectsController < ApplicationController
skip_before_filter :authenticate_user!,
skip_before_action :authenticate_user!,
:reject_blocked
layout 'explore'
......
class Groups::GroupMembersController < Groups::ApplicationController
skip_before_filter :authenticate_user!, only: [:index]
before_filter :group
skip_before_action :authenticate_user!, only: [:index]
before_action :group
# Authorize
before_filter :authorize_read_group!
before_filter :authorize_admin_group!, except: [:index, :leave]
before_action :authorize_read_group!
before_action :authorize_admin_group!, except: [:index, :leave]
layout :determine_layout
......
class Groups::MilestonesController < ApplicationController
layout 'group'
before_filter :authorize_group_milestone!, only: :update
before_action :authorize_group_milestone!, only: :update
def index
project_milestones = case params[:state]
......
class GroupsController < Groups::ApplicationController
skip_before_filter :authenticate_user!, only: [:show, :issues, :merge_requests]
skip_before_action :authenticate_user!, only: [:show, :issues, :merge_requests]
respond_to :html
before_filter :group, except: [:new, :create]
before_action :group, except: [:new, :create]
# Authorize
before_filter :authorize_read_group!, except: [:new, :create]
before_filter :authorize_admin_group!, only: [:edit, :update, :destroy, :projects]
before_filter :authorize_create_group!, only: [:new, :create]
before_action :authorize_read_group!, except: [:new, :create]
before_action :authorize_admin_group!, only: [:edit, :update, :destroy, :projects]
before_action :authorize_create_group!, only: [:new, :create]
# Load group projects
before_filter :load_projects, except: [:new, :create, :projects, :edit, :update]
before_filter :event_filter, only: :show
before_filter :set_title, only: [:new, :create]
before_action :load_projects, except: [:new, :create, :projects, :edit, :update]
before_action :event_filter, only: :show
before_action :set_title, only: [:new, :create]
layout :determine_layout
......
class Import::BitbucketController < Import::BaseController
before_filter :verify_bitbucket_import_enabled
before_filter :bitbucket_auth, except: :callback
before_action :verify_bitbucket_import_enabled
before_action :bitbucket_auth, except: :callback
rescue_from OAuth::Error, with: :bitbucket_unauthorized
......
class Import::GithubController < Import::BaseController
before_filter :verify_github_import_enabled
before_filter :github_auth, except: :callback
before_action :verify_github_import_enabled
before_action :github_auth, except: :callback
rescue_from Octokit::Unauthorized, with: :github_unauthorized
......
class Import::GitlabController < Import::BaseController
before_filter :verify_gitlab_import_enabled
before_filter :gitlab_auth, except: :callback
before_action :verify_gitlab_import_enabled
before_action :gitlab_auth, except: :callback
rescue_from OAuth2::Error, with: :gitlab_unauthorized
......
class Import::GoogleCodeController < Import::BaseController
before_filter :user_map, only: [:new_user_map, :create_user_map]
before_action :user_map, only: [:new_user_map, :create_user_map]
def new
......
class InvitesController < ApplicationController
before_filter :member
skip_before_filter :authenticate_user!, only: :decline
before_action :member
skip_before_action :authenticate_user!, only: :decline
respond_to :html
......
class NamespacesController < ApplicationController
skip_before_filter :authenticate_user!
skip_before_action :authenticate_user!
def show
namespace = Namespace.find_by(path: params[:id])
......
class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
before_filter :authenticate_user!
before_action :authenticate_user!
layout "profile"
def index
......
class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
before_filter :authenticate_resource_owner!
before_action :authenticate_resource_owner!
layout "profile"
def new
......
class Profiles::KeysController < ApplicationController
layout "profile"
skip_before_filter :authenticate_user!, only: [:get_keys]
skip_before_action :authenticate_user!, only: [:get_keys]
def index
@keys = current_user.keys
......
class Profiles::PasswordsController < ApplicationController
layout :determine_layout
skip_before_filter :check_password_expiration, only: [:new, :create]
skip_before_action :check_password_expiration, only: [:new, :create]
before_filter :set_user
before_filter :set_title
before_filter :authorize_change_password!
before_action :set_user
before_action :set_title
before_action :authorize_change_password!
def new
end
......
class ProfilesController < ApplicationController
include ActionView::Helpers::SanitizeHelper
before_filter :user
before_filter :authorize_change_username!, only: :update_username
skip_before_filter :require_email, only: [:show, :update]
before_action :user
before_action :authorize_change_username!, only: :update_username
skip_before_action :require_email, only: [:show, :update]
layout 'profile'
......
class Projects::ApplicationController < ApplicationController
before_filter :project
before_filter :repository
before_action :project
before_action :repository
layout :determine_layout
def authenticate_user!
......
class Projects::AvatarsController < Projects::ApplicationController
layout 'project'
before_filter :project
before_action :project
def show
@blob = @project.repository.blob_at_branch('master', @project.avatar_in_git)
......
......@@ -2,9 +2,9 @@
class Projects::BlameController < Projects::ApplicationController
include ExtractsPath
before_filter :require_non_empty_project
before_filter :assign_ref_vars
before_filter :authorize_download_code!
before_action :require_non_empty_project
before_action :assign_ref_vars
before_action :authorize_download_code!
def show
@blame = Gitlab::Git::Blame.new(@repository, @commit.id, @path)
......
......@@ -6,15 +6,15 @@ class Projects::BlobController < Projects::ApplicationController
# Raised when given an invalid file path
class InvalidPathError < StandardError; end
before_filter :require_non_empty_project, except: [:new, :create]
before_filter :authorize_download_code!
before_filter :authorize_push_code!, only: [:destroy]
before_filter :assign_blob_vars
before_filter :commit, except: [:new, :create]
before_filter :blob, except: [:new, :create]
before_filter :from_merge_request, only: [:edit, :update]
before_filter :after_edit_path, only: [:edit, :update]
before_filter :require_branch_head, only: [:edit, :update]
before_action :require_non_empty_project, except: [:new, :create]
before_action :authorize_download_code!
before_action :authorize_push_code!, only: [:destroy]
before_action :assign_blob_vars
before_action :commit, except: [:new, :create]
before_action :blob, except: [:new, :create]
before_action :from_merge_request, only: [:edit, :update]
before_action :after_edit_path, only: [:edit, :update]
before_action :require_branch_head, only: [:edit, :update]
def new
commit unless @repository.empty?
......
class Projects::BranchesController < Projects::ApplicationController
include ActionView::Helpers::SanitizeHelper
# Authorize
before_filter :require_non_empty_project
before_filter :authorize_download_code!
before_filter :authorize_push_code!, only: [:create, :destroy]
before_action :require_non_empty_project
before_action :authorize_download_code!
before_action :authorize_push_code!, only: [:create, :destroy]
def index
@sort = params[:sort] || 'name'
......
......@@ -3,9 +3,9 @@
# Not to be confused with CommitsController, plural.
class Projects::CommitController < Projects::ApplicationController
# Authorize
before_filter :require_non_empty_project
before_filter :authorize_download_code!
before_filter :commit
before_action :require_non_empty_project
before_action :authorize_download_code!
before_action :commit
def show
return git_not_found! unless @commit
......
......@@ -3,9 +3,9 @@ require "base64"
class Projects::CommitsController < Projects::ApplicationController
include ExtractsPath
before_filter :require_non_empty_project
before_filter :assign_ref_vars
before_filter :authorize_download_code!
before_action :require_non_empty_project
before_action :assign_ref_vars
before_action :authorize_download_code!
def show
@repo = @project.repository
......
class Projects::CompareController < Projects::ApplicationController
# Authorize
before_filter :require_non_empty_project
before_filter :authorize_download_code!
before_action :require_non_empty_project
before_action :authorize_download_code!
def index
end
......
......@@ -2,7 +2,7 @@ class Projects::DeployKeysController < Projects::ApplicationController
respond_to :html
# Authorize
before_filter :authorize_admin_project!
before_action :authorize_admin_project!
layout "project_settings"
......
class Projects::ForksController < Projects::ApplicationController
# Authorize
before_filter :require_non_empty_project
before_filter :authorize_download_code!
before_action :require_non_empty_project
before_action :authorize_download_code!
def new
@namespaces = current_user.manageable_namespaces
......
class Projects::GraphsController < Projects::ApplicationController
# Authorize
before_filter :require_non_empty_project
before_filter :authorize_download_code!
before_action :require_non_empty_project
before_action :authorize_download_code!
def show
respond_to do |format|
......
class Projects::HooksController < Projects::ApplicationController
# Authorize
before_filter :authorize_admin_project!
before_action :authorize_admin_project!
respond_to :html
......
class Projects::ImportsController < Projects::ApplicationController
# Authorize
before_filter :authorize_admin_project!
before_filter :require_no_repo
before_filter :redirect_if_progress, except: :show
before_action :authorize_admin_project!
before_action :require_no_repo
before_action :redirect_if_progress, except: :show
def new
end
......
class Projects::IssuesController < Projects::ApplicationController
before_filter :module_enabled
before_filter :issue, only: [:edit, :update, :show, :toggle_subscription]
before_action :module_enabled
before_action :issue, only: [:edit, :update, :show, :toggle_subscription]
# Allow read any issue
before_filter :authorize_read_issue!
before_action :authorize_read_issue!
# Allow write(create) issue
before_filter :authorize_write_issue!, only: [:new, :create]
before_action :authorize_write_issue!, only: [:new, :create]
# Allow modify issue
before_filter :authorize_modify_issue!, only: [:edit, :update]
before_action :authorize_modify_issue!, only: [:edit, :update]
# Allow issues bulk update
before_filter :authorize_admin_issues!, only: [:bulk_update]
before_action :authorize_admin_issues!, only: [:bulk_update]
respond_to :html
......
class Projects::LabelsController < Projects::ApplicationController
before_filter :module_enabled
before_filter :label, only: [:edit, :update, :destroy]
before_filter :authorize_labels!
before_filter :authorize_admin_labels!, except: [:index]
before_action :module_enabled
before_action :label, only: [:edit, :update, :destroy]
before_action :authorize_labels!
before_action :authorize_admin_labels!, except: [:index]
respond_to :js, :html
......
require 'gitlab/satellite/satellite'
class Projects::MergeRequestsController < Projects::ApplicationController
before_filter :module_enabled
before_filter :merge_request, only: [:edit, :update, :show, :diffs, :automerge, :automerge_check, :ci_status, :toggle_subscription]
before_filter :closes_issues, only: [:edit, :update, :show, :diffs]
before_filter :validates_merge_request, only: [:show, :diffs]
before_filter :define_show_vars, only: [:show, :diffs]
before_action :module_enabled
before_action :merge_request, only: [:edit, :update, :show, :diffs, :automerge, :automerge_check, :ci_status, :toggle_subscription]
before_action :closes_issues, only: [:edit, :update, :show, :diffs]
before_action :validates_merge_request, only: [:show, :diffs]
before_action :define_show_vars, only: [:show, :diffs]
# Allow read any merge_request
before_filter :authorize_read_merge_request!
before_action :authorize_read_merge_request!
# Allow write(create) merge_request
before_filter :authorize_write_merge_request!, only: [:new, :create]
before_action :authorize_write_merge_request!, only: [:new, :create]
# Allow modify merge_request
before_filter :authorize_modify_merge_request!, only: [:close, :edit, :update, :sort]
before_action :authorize_modify_merge_request!, only: [:close, :edit, :update, :sort]
def index
terms = params['issue_search']
......
class Projects::MilestonesController < Projects::ApplicationController
before_filter :module_enabled
before_filter :milestone, only: [:edit, :update, :destroy, :show, :sort_issues, :sort_merge_requests]
before_action :module_enabled
before_action :milestone, only: [:edit, :update, :destroy, :show, :sort_issues, :sort_merge_requests]
# Allow read any milestone
before_filter :authorize_read_milestone!
before_action :authorize_read_milestone!
# Allow admin milestone
before_filter :authorize_admin_milestone!, except: [:index, :show]
before_action :authorize_admin_milestone!, except: [:index, :show]
respond_to :html
......
......@@ -2,9 +2,9 @@ class Projects::NetworkController < Projects::ApplicationController
include ExtractsPath
include ApplicationHelper
before_filter :require_non_empty_project
before_filter :assign_ref_vars
before_filter :authorize_download_code!
before_action :require_non_empty_project
before_action :assign_ref_vars
before_action :authorize_download_code!
def show
respond_to do |format|
......
class Projects::NotesController < Projects::ApplicationController
# Authorize
before_filter :authorize_read_note!
before_filter :authorize_write_note!, only: [:create]
before_filter :authorize_admin_note!, only: [:update, :destroy]
before_filter :find_current_user_notes, except: [:destroy, :delete_attachment]
before_action :authorize_read_note!
before_action :authorize_write_note!, only: [:create]
before_action :authorize_admin_note!, only: [:update, :destroy]
before_action :find_current_user_notes, except: [:destroy, :delete_attachment]
def index
current_fetched_at = Time.now.to_i
......
class Projects::ProjectMembersController < Projects::ApplicationController
# Authorize
before_filter :authorize_admin_project!, except: :leave
before_action :authorize_admin_project!, except: :leave
layout "project_settings"
......
class Projects::ProtectedBranchesController < Projects::ApplicationController
# Authorize
before_filter :require_non_empty_project
before_filter :authorize_admin_project!
before_action :require_non_empty_project
before_action :authorize_admin_project!
layout "project_settings"
......
......@@ -2,9 +2,9 @@
class Projects::RawController < Projects::ApplicationController
include ExtractsPath
before_filter :require_non_empty_project
before_filter :assign_ref_vars
before_filter :authorize_download_code!
before_action :require_non_empty_project
before_action :assign_ref_vars
before_action :authorize_download_code!
def show
@blob = @repository.blob_at(@commit.id, @path)
......
class Projects::RefsController < Projects::ApplicationController
include ExtractsPath
before_filter :require_non_empty_project
before_filter :assign_ref_vars
before_filter :authorize_download_code!
before_action :require_non_empty_project
before_action :assign_ref_vars
before_action :authorize_download_code!
def switch
respond_to do |format|
......
class Projects::RepositoriesController < Projects::ApplicationController
# Authorize
before_filter :require_non_empty_project, except: :create
before_filter :authorize_download_code!
before_filter :authorize_admin_project!, only: :create
before_action :require_non_empty_project, except: :create
before_action :authorize_download_code!
before_action :authorize_admin_project!, only: :create
def create
@project.create_repository
......
class Projects::ServicesController < Projects::ApplicationController
# Authorize
before_filter :authorize_admin_project!
before_filter :service, only: [:edit, :update, :test]
before_action :authorize_admin_project!
before_action :service, only: [:edit, :update, :test]
respond_to :html
......
class Projects::SnippetsController < Projects::ApplicationController
before_filter :module_enabled
before_filter :snippet, only: [:show, :edit, :destroy, :update, :raw]
before_action :module_enabled
before_action :snippet, only: [:show, :edit, :destroy, :update, :raw]
# Allow read any snippet
before_filter :authorize_read_project_snippet!
before_action :authorize_read_project_snippet!
# Allow write(create) snippet
before_filter :authorize_write_project_snippet!, only: [:new, :create]
before_action :authorize_write_project_snippet!, only: [:new, :create]
# Allow modify snippet
before_filter :authorize_modify_project_snippet!, only: [:edit, :update]
before_action :authorize_modify_project_snippet!, only: [:edit, :update]
# Allow destroy snippet
before_filter :authorize_admin_project_snippet!, only: [:destroy]
before_action :authorize_admin_project_snippet!, only: [:destroy]
respond_to :html
......
class Projects::TagsController < Projects::ApplicationController
# Authorize
before_filter :require_non_empty_project
before_filter :authorize_download_code!
before_filter :authorize_push_code!, only: [:create]
before_filter :authorize_admin_project!, only: [:destroy]
before_action :require_non_empty_project
before_action :authorize_download_code!
before_action :authorize_push_code!, only: [:create]
before_action :authorize_admin_project!, only: [:destroy]
def index
sorted = VersionSorter.rsort(@repository.tag_names)
......
......@@ -2,9 +2,9 @@
class Projects::TreeController < Projects::ApplicationController
include ExtractsPath
before_filter :require_non_empty_project, except: [:new, :create]
before_filter :assign_ref_vars
before_filter :authorize_download_code!
before_action :require_non_empty_project, except: [:new, :create]
before_action :assign_ref_vars
before_action :authorize_download_code!
def show
if tree.entries.empty?
......
......@@ -4,8 +4,8 @@ class Projects::UploadsController < Projects::ApplicationController
# We want to skip these filters for only the `show` action if `image?` is true,
# but `skip_before_filter` doesn't work with both `only` and `if`, so we accomplish the same like this.
skipped_filters = [:authenticate_user!, :reject_blocked!, :project, :repository]
skip_before_filter *skipped_filters, only: [:show]
before_filter *skipped_filters, only: [:show], unless: :image?
skip_before_action *skipped_filters, only: [:show]
before_action *skipped_filters, only: [:show], unless: :image?
def create
link_to_file = ::Projects::UploadService.new(project, params[:file]).
......
require 'project_wiki'
class Projects::WikisController < Projects::ApplicationController
before_filter :authorize_read_wiki!
before_filter :authorize_write_wiki!, only: [:edit, :create, :history]
before_filter :authorize_admin_wiki!, only: :destroy
before_filter :load_project_wiki
before_action :authorize_read_wiki!
before_action :authorize_write_wiki!, only: [:edit, :create, :history]
before_action :authorize_admin_wiki!, only: :destroy
before_action :load_project_wiki
include WikiHelper
def pages
......
class ProjectsController < ApplicationController
prepend_before_filter :render_go_import, only: [:show]
skip_before_filter :authenticate_user!, only: [:show]
before_filter :project, except: [:new, :create]
before_filter :repository, except: [:new, :create]
skip_before_action :authenticate_user!, only: [:show]
before_action :project, except: [:new, :create]
before_action :repository, except: [:new, :create]
# Authorize
before_filter :authorize_admin_project!, only: [:edit, :update, :destroy, :transfer, :archive, :unarchive]
before_filter :set_title, only: [:new, :create]
before_filter :event_filter, only: :show
before_action :authorize_admin_project!, only: [:edit, :update, :destroy, :transfer, :archive, :unarchive]
before_action :set_title, only: [:new, :create]
before_action :event_filter, only: :show
layout 'navless', only: [:new, :create, :fork]
......
class RegistrationsController < Devise::RegistrationsController
before_filter :signup_enabled?
before_action :signup_enabled?
def new
redirect_to(new_user_session_path)
......
class SnippetsController < ApplicationController
before_filter :snippet, only: [:show, :edit, :destroy, :update, :raw]
before_action :snippet, only: [:show, :edit, :destroy, :update, :raw]
# Allow modify snippet
before_filter :authorize_modify_snippet!, only: [:edit, :update]
before_action :authorize_modify_snippet!, only: [:edit, :update]
# Allow destroy snippet
before_filter :authorize_admin_snippet!, only: [:destroy]
before_action :authorize_admin_snippet!, only: [:destroy]
before_filter :set_title
before_action :set_title
skip_before_filter :authenticate_user!, only: [:index, :user_index, :show, :raw]
skip_before_action :authenticate_user!, only: [:index, :user_index, :show, :raw]
respond_to :html
......
class UploadsController < ApplicationController
skip_before_filter :authenticate_user!
before_filter :find_model, :authorize_access!
skip_before_action :authenticate_user!
before_action :find_model, :authorize_access!
def show
uploader = @model.send(upload_mount)
......
class UsersController < ApplicationController
skip_before_filter :authenticate_user!
before_filter :set_user
skip_before_action :authenticate_user!
before_action :set_user
layout :determine_layout
def show
......
......@@ -470,7 +470,6 @@ ActiveRecord::Schema.define(version: 20150417122318) do
t.integer "notification_level", default: 1, null: false
t.datetime "password_expires_at"
t.integer "created_by_id"
t.datetime "last_credential_check_at"
t.string "avatar"
t.string "confirmation_token"
t.datetime "confirmed_at"
......@@ -478,6 +477,7 @@ ActiveRecord::Schema.define(version: 20150417122318) do
t.string "unconfirmed_email"
t.boolean "hide_no_ssh_key", default: false
t.string "website_url", default: "", null: false
t.datetime "last_credential_check_at"
t.string "github_access_token"
t.string "gitlab_access_token"
t.string "notification_email"
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment