|
|
|
@@ -7,6 +7,7 @@ class RepositoriesController < ApplicationController |
|
|
|
before_action :require_login, only: %i[edit update create_file update_file delete_file sync_mirror]
|
|
|
|
before_action :require_profile_completed, only: [:create_file]
|
|
|
|
before_action :load_repository
|
|
|
|
before_action :require_operate_above, only: %i[create_file update_file replace_file delete_file]
|
|
|
|
before_action :authorizate!, except: [:sync_mirror, :tags, :commit, :archive]
|
|
|
|
before_action :authorizate_user_can_edit_repo!, only: %i[sync_mirror]
|
|
|
|
before_action :get_ref, only: %i[entries sub_entries top_counts files archive]
|
|
|
|
@@ -437,4 +438,8 @@ class RepositoriesController < ApplicationController |
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def require_operate_above
|
|
|
|
return render_forbidden if !current_user.admin? && !@project.operator?(current_user)
|
|
|
|
end
|
|
|
|
|
|
|
|
end
|
yystopf
2 years ago