Browse Source

Merge branch 'dev_devops' of http://gitea.trustie.net/jasder/forgeplus into dev_devops

tags/v1.0.0
sylor_huang@126.com 6 years ago
parent
commit
b47f38137b
1 changed files with 8 additions and 3 deletions
  1. +8
    -3
      app/controllers/projects_controller.rb

+ 8
- 3
app/controllers/projects_controller.rb View File

@@ -5,7 +5,7 @@ class ProjectsController < ApplicationController
before_action :require_login, except: %i[index branches group_type_list simple]
before_action :find_project_with_id, only: %i[show branches update destroy fork_users praise_users watch_users]
before_action :authorizate_user_can_edit_project!, only: %i[update]
before_action :project_public?, only: %i[fork_users praise_users watch_user]
before_action :project_public?, only: %i[fork_users praise_users watch_users]

def index
scope = Projects::ListQuery.call(params)
@@ -116,8 +116,13 @@ class ProjectsController < ApplicationController
end

def project_public?
unless @project.is_public || current_user&admin?
tip_exception(403, "..")
return if @project.is_public?

if current_user
return if current_user.admin? || @project.member?(current_user.id)
render_forbidden('你没有权限访问.')
else
render_unauthorized('你还未登录.')
end
end
end

Loading…
Cancel
Save