Commit 5a4ebfb4 authored by Jeroen van Baarsen's avatar Jeroen van Baarsen

Fixed the Rails/ActionFilter cop

Signed-off-by: Jeroen van Baarsen's avatarJeroen van Baarsen <jeroenvanbaarsen@gmail.com>
parent 76aade28
......@@ -954,7 +954,7 @@ Lint/Void:
Rails/ActionFilter:
Description: 'Enforces consistent use of action filter methods.'
Enabled: false
Enabled: true
Rails/DefaultScope:
Description: 'Checks if the argument passed to default_scope is a block.'
......
......@@ -3,7 +3,7 @@
# Automatically sets the layout and ensures an administrator is logged in
class Admin::ApplicationController < ApplicationController
layout 'admin'
before_filter :authenticate_admin!
before_action :authenticate_admin!
def authenticate_admin!
return render_404 unless current_user.is_admin?
......
class Admin::ApplicationSettingsController < Admin::ApplicationController
before_filter :set_application_setting
before_action :set_application_setting
def show
end
......
class Admin::BroadcastMessagesController < Admin::ApplicationController
before_filter :broadcast_messages
before_action :broadcast_messages
def index
@broadcast_message = BroadcastMessage.new
......
class Admin::DeployKeysController < Admin::ApplicationController
before_filter :deploy_keys, only: [:index]
before_filter :deploy_key, only: [:show, :destroy]
before_action :deploy_keys, only: [:index]
before_action :deploy_key, only: [:show, :destroy]
def index
end
def show
end
def new
......
class Admin::GroupsController < Admin::ApplicationController
before_filter :group, only: [:edit, :show, :update, :destroy, :project_update, :members_update]
before_action :group, only: [:edit, :show, :update, :destroy, :project_update, :members_update]
def index
@groups = Group.all
......
class Admin::KeysController < Admin::ApplicationController
before_filter :user, only: [:show, :destroy]
before_action :user, only: [:show, :destroy]
def show
@key = user.keys.find(params[:id])
......
class Admin::ProjectsController < Admin::ApplicationController
before_filter :project, only: [:show, :transfer]
before_filter :group, only: [:show, :transfer]
before_filter :repository, only: [:show, :transfer]
before_action :project, only: [:show, :transfer]
before_action :group, only: [:show, :transfer]
before_action :repository, only: [:show, :transfer]
def index
@projects = Project.all
......
class Admin::ServicesController < Admin::ApplicationController
before_filter :service, only: [:edit, :update]
before_action :service, only: [:edit, :update]
def index
@services = services_templates
......
class Admin::UsersController < Admin::ApplicationController
before_filter :user, only: [:show, :edit, :update, :destroy]
before_action :user, only: [:show, :edit, :update, :destroy]
def index
@users = User.order_name_asc.filter(params[:filter])
......
......@@ -6,15 +6,15 @@ class ApplicationController < ActionController::Base
PER_PAGE = 20
before_filter :authenticate_user_from_token!
before_filter :authenticate_user!
before_filter :reject_blocked!
before_filter :check_password_expiration
before_filter :ldap_security_check
before_filter :default_headers
before_filter :add_gon_variables
before_filter :configure_permitted_parameters, if: :devise_controller?
before_filter :require_email, unless: :devise_controller?
before_action :authenticate_user_from_token!
before_action :authenticate_user!
before_action :reject_blocked!
before_action :check_password_expiration
before_action :ldap_security_check
before_action :default_headers
before_action :add_gon_variables
before_action :configure_permitted_parameters, if: :devise_controller?
before_action :require_email, unless: :devise_controller?
protect_from_forgery with: :exception
......
class Dashboard::MilestonesController < ApplicationController
before_filter :load_projects
before_action :load_projects
def index
project_milestones = case params[:state]
......
class Dashboard::ProjectsController < ApplicationController
before_filter :event_filter
before_action :event_filter
def starred
@projects = current_user.starred_projects
......
class DashboardController < ApplicationController
respond_to :html
before_filter :load_projects, except: [:projects]
before_filter :event_filter, only: :show
before_action :load_projects, except: [:projects]
before_action :event_filter, only: :show
def show
@projects = @projects.includes(:namespace)
......
class Explore::GroupsController < ApplicationController
skip_before_filter :authenticate_user!,
skip_before_action :authenticate_user!,
:reject_blocked, :set_current_user_for_observers
layout "explore"
......
class Explore::ProjectsController < ApplicationController
skip_before_filter :authenticate_user!,
skip_before_action :authenticate_user!,
:reject_blocked
layout 'explore'
......
class Groups::GroupMembersController < Groups::ApplicationController
skip_before_filter :authenticate_user!, only: [:index]
before_filter :group
skip_before_action :authenticate_user!, only: [:index]
before_action :group
# Authorize
before_filter :authorize_read_group!
before_filter :authorize_admin_group!, except: [:index, :leave]
before_action :authorize_read_group!
before_action :authorize_admin_group!, except: [:index, :leave]
layout :determine_layout
......@@ -49,7 +49,7 @@ class Groups::GroupMembersController < Groups::ApplicationController
def resend_invite
redirect_path = group_group_members_path(@group)
@group_member = @group.group_members.find(params[:id])
if @group_member.invite?
......@@ -63,7 +63,7 @@ class Groups::GroupMembersController < Groups::ApplicationController
def leave
@group_member = @group.group_members.where(user_id: current_user.id).first
if can?(current_user, :destroy_group_member, @group_member)
@group_member.destroy
redirect_to(dashboard_groups_path, notice: "You left #{group.name} group.")
......
class Groups::MilestonesController < ApplicationController
layout 'group'
before_filter :authorize_group_milestone!, only: :update
before_action :authorize_group_milestone!, only: :update
def index
project_milestones = case params[:state]
......
class GroupsController < Groups::ApplicationController
skip_before_filter :authenticate_user!, only: [:show, :issues, :merge_requests]
skip_before_action :authenticate_user!, only: [:show, :issues, :merge_requests]
respond_to :html
before_filter :group, except: [:new, :create]
before_action :group, except: [:new, :create]
# Authorize
before_filter :authorize_read_group!, except: [:new, :create]
before_filter :authorize_admin_group!, only: [:edit, :update, :destroy, :projects]
before_filter :authorize_create_group!, only: [:new, :create]
before_action :authorize_read_group!, except: [:new, :create]
before_action :authorize_admin_group!, only: [:edit, :update, :destroy, :projects]
before_action :authorize_create_group!, only: [:new, :create]
# Load group projects
before_filter :load_projects, except: [:new, :create, :projects, :edit, :update]
before_filter :event_filter, only: :show
before_filter :set_title, only: [:new, :create]
before_action :load_projects, except: [:new, :create, :projects, :edit, :update]
before_action :event_filter, only: :show
before_action :set_title, only: [:new, :create]
layout :determine_layout
......
class Import::BitbucketController < Import::BaseController
before_filter :verify_bitbucket_import_enabled
before_filter :bitbucket_auth, except: :callback
before_action :verify_bitbucket_import_enabled
before_action :bitbucket_auth, except: :callback
rescue_from OAuth::Error, with: :bitbucket_unauthorized
def callback
request_token = session.delete(:oauth_request_token)
request_token = session.delete(:oauth_request_token)
raise "Session expired!" if request_token.nil?
request_token.symbolize_keys!
access_token = client.get_token(request_token, params[:oauth_verifier], callback_import_bitbucket_url)
current_user.bitbucket_access_token = access_token.token
......@@ -21,7 +21,7 @@ class Import::BitbucketController < Import::BaseController
def status
@repos = client.projects
@already_added_projects = current_user.created_projects.where(import_type: "bitbucket")
already_added_projects_names = @already_added_projects.pluck(:import_source)
......@@ -41,7 +41,7 @@ class Import::BitbucketController < Import::BaseController
repo_owner = repo["owner"]
repo_owner = current_user.username if repo_owner == client.user["user"]["username"]
@target_namespace = params[:new_namespace].presence || repo_owner
namespace = get_or_create_namespace || (render and return)
unless Gitlab::BitbucketImport::KeyAdder.new(repo, current_user).execute
......
class Import::GithubController < Import::BaseController
before_filter :verify_github_import_enabled
before_filter :github_auth, except: :callback
before_action :verify_github_import_enabled
before_action :github_auth, except: :callback
rescue_from Octokit::Unauthorized, with: :github_unauthorized
......@@ -36,7 +36,7 @@ class Import::GithubController < Import::BaseController
repo_owner = repo.owner.login
repo_owner = current_user.username if repo_owner == client.user.login
@target_namespace = params[:new_namespace].presence || repo_owner
namespace = get_or_create_namespace || (render and return)
@project = Gitlab::GithubImport::ProjectCreator.new(repo, namespace, current_user).execute
......
class Import::GitlabController < Import::BaseController
before_filter :verify_gitlab_import_enabled
before_filter :gitlab_auth, except: :callback
before_action :verify_gitlab_import_enabled
before_action :gitlab_auth, except: :callback
rescue_from OAuth2::Error, with: :gitlab_unauthorized
......@@ -13,7 +13,7 @@ class Import::GitlabController < Import::BaseController
def status
@repos = client.projects
@already_added_projects = current_user.created_projects.where(import_type: "gitlab")
already_added_projects_names = @already_added_projects.pluck(:import_source)
......@@ -33,7 +33,7 @@ class Import::GitlabController < Import::BaseController
repo_owner = repo["namespace"]["path"]
repo_owner = current_user.username if repo_owner == client.user["username"]
@target_namespace = params[:new_namespace].presence || repo_owner
namespace = get_or_create_namespace || (render and return)
@project = Gitlab::GitlabImport::ProjectCreator.new(repo, namespace, current_user).execute
......
class Import::GoogleCodeController < Import::BaseController
before_filter :user_map, only: [:new_user_map, :create_user_map]
before_action :user_map, only: [:new_user_map, :create_user_map]
def new
end
def callback
......@@ -68,7 +68,7 @@ class Import::GoogleCodeController < Import::BaseController
def status
unless client.valid?
return redirect_to new_import_google_path
return redirect_to new_import_google_path
end
@repos = client.repos
......
class InvitesController < ApplicationController
before_filter :member
skip_before_filter :authenticate_user!, only: :decline
before_action :member
skip_before_action :authenticate_user!, only: :decline
respond_to :html
......@@ -24,7 +24,7 @@ class InvitesController < ApplicationController
if member.decline_invite!
label, _ = source_info(member.source)
path =
path =
if current_user
dashboard_path
else
......@@ -41,7 +41,7 @@ class InvitesController < ApplicationController
def member
return @member if defined?(@member)
@token = params[:id]
@member = Member.find_by_invite_token(@token)
......
class NamespacesController < ApplicationController
skip_before_filter :authenticate_user!
skip_before_action :authenticate_user!
def show
namespace = Namespace.find_by(path: params[:id])
......
class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
before_filter :authenticate_user!
before_action :authenticate_user!
layout "profile"
def index
......@@ -10,7 +10,7 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
@application = Doorkeeper::Application.new(application_params)
@application.owner = current_user
if @application.save
flash[:notice] = I18n.t(:notice, scope: [:doorkeeper, :flash, :applications, :create])
redirect_to oauth_application_url(@application)
......
class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
before_filter :authenticate_resource_owner!
before_action :authenticate_resource_owner!
layout "profile"
def new
......
class Profiles::KeysController < ApplicationController
layout "profile"
skip_before_filter :authenticate_user!, only: [:get_keys]
skip_before_action :authenticate_user!, only: [:get_keys]
def index
@keys = current_user.keys
......
class Profiles::PasswordsController < ApplicationController
layout :determine_layout
skip_before_filter :check_password_expiration, only: [:new, :create]
skip_before_action :check_password_expiration, only: [:new, :create]
before_filter :set_user
before_filter :set_title
before_filter :authorize_change_password!
before_action :set_user
before_action :set_title
before_action :authorize_change_password!
def new
end
......
class ProfilesController < ApplicationController
include ActionView::Helpers::SanitizeHelper
before_filter :user
before_filter :authorize_change_username!, only: :update_username
skip_before_filter :require_email, only: [:show, :update]
before_action :user
before_action :authorize_change_username!, only: :update_username
skip_before_action :require_email, only: [:show, :update]
layout 'profile'
......
class Projects::ApplicationController < ApplicationController
before_filter :project
before_filter :repository
before_action :project
before_action :repository
layout :determine_layout
def authenticate_user!
......
class Projects::AvatarsController < Projects::ApplicationController
layout 'project'
before_filter :project
before_action :project
def show
@blob = @project.repository.blob_at_branch('master', @project.avatar_in_git)
......
......@@ -2,9 +2,9 @@
class Projects::BlameController < Projects::ApplicationController
include ExtractsPath
before_filter :require_non_empty_project
before_filter :assign_ref_vars
before_filter :authorize_download_code!
before_action :require_non_empty_project
before_action :assign_ref_vars
before_action :authorize_download_code!
def show
@blame = Gitlab::Git::Blame.new(@repository, @commit.id, @path)
......
......@@ -6,15 +6,15 @@ class Projects::BlobController < Projects::ApplicationController
# Raised when given an invalid file path
class InvalidPathError < StandardError; end
before_filter :require_non_empty_project, except: [:new, :create]
before_filter :authorize_download_code!
before_filter :authorize_push_code!, only: [:destroy]
before_filter :assign_blob_vars
before_filter :commit, except: [:new, :create]
before_filter :blob, except: [:new, :create]
before_filter :from_merge_request, only: [:edit, :update]
before_filter :after_edit_path, only: [:edit, :update]
before_filter :require_branch_head, only: [:edit, :update]
before_action :require_non_empty_project, except: [:new, :create]
before_action :authorize_download_code!
before_action :authorize_push_code!, only: [:destroy]
before_action :assign_blob_vars
before_action :commit, except: [:new, :create]
before_action :blob, except: [:new, :create]
before_action :from_merge_request, only: [:edit, :update]
before_action :after_edit_path, only: [:edit, :update]
before_action :require_branch_head, only: [:edit, :update]
def new
commit unless @repository.empty?
......
class Projects::BranchesController < Projects::ApplicationController
include ActionView::Helpers::SanitizeHelper
# Authorize
before_filter :require_non_empty_project
before_filter :authorize_download_code!
before_filter :authorize_push_code!, only: [:create, :destroy]
before_action :require_non_empty_project
before_action :authorize_download_code!
before_action :authorize_push_code!, only: [:create, :destroy]
def index
@sort = params[:sort] || 'name'
......
......@@ -3,9 +3,9 @@
# Not to be confused with CommitsController, plural.
class Projects::CommitController < Projects::ApplicationController
# Authorize
before_filter :require_non_empty_project
before_filter :authorize_download_code!
before_filter :commit
before_action :require_non_empty_project
before_action :authorize_download_code!
before_action :commit
def show
return git_not_found! unless @commit
......
......@@ -3,9 +3,9 @@ require "base64"
class Projects::CommitsController < Projects::ApplicationController
include ExtractsPath
before_filter :require_non_empty_project
before_filter :assign_ref_vars
before_filter :authorize_download_code!
before_action :require_non_empty_project
before_action :assign_ref_vars
before_action :authorize_download_code!
def show
@repo = @project.repository
......
class Projects::CompareController < Projects::ApplicationController
# Authorize
before_filter :require_non_empty_project
before_filter :authorize_download_code!
before_action :require_non_empty_project
before_action :authorize_download_code!
def index
end
......
......@@ -2,7 +2,7 @@ class Projects::DeployKeysController < Projects::ApplicationController
respond_to :html
# Authorize
before_filter :authorize_admin_project!
before_action :authorize_admin_project!
layout "project_settings"
......
class Projects::ForksController < Projects::ApplicationController
# Authorize
before_filter :require_non_empty_project
before_filter :authorize_download_code!
before_action :require_non_empty_project
before_action :authorize_download_code!
def new
@namespaces = current_user.manageable_namespaces
......
class Projects::GraphsController < Projects::ApplicationController
# Authorize
before_filter :require_non_empty_project
before_filter :authorize_download_code!
before_action :require_non_empty_project
before_action :authorize_download_code!
def show
respond_to do |format|
......
class Projects::HooksController < Projects::ApplicationController
# Authorize
before_filter :authorize_admin_project!
before_action :authorize_admin_project!
respond_to :html
......
class Projects::ImportsController < Projects::ApplicationController
# Authorize
before_filter :authorize_admin_project!
before_filter :require_no_repo
before_filter :redirect_if_progress, except: :show
before_action :authorize_admin_project!
before_action :require_no_repo
before_action :redirect_if_progress, except: :show
def new
end
......
class Projects::IssuesController < Projects::ApplicationController
before_filter :module_enabled
before_filter :issue, only: [:edit, :update, :show, :toggle_subscription]
before_action :module_enabled
before_action :issue, only: [:edit, :update, :show, :toggle_subscription]
# Allow read any issue
before_filter :authorize_read_issue!
before_action :authorize_read_issue!
# Allow write(create) issue
before_filter :authorize_write_issue!, only: [:new, :create]
before_action :authorize_write_issue!, only: [:new, :create]
# Allow modify issue
before_filter :authorize_modify_issue!, only: [:edit, :update]
before_action :authorize_modify_issue!, only: [:edit, :update]
# Allow issues bulk update
before_filter :authorize_admin_issues!, only: [:bulk_update]
before_action :authorize_admin_issues!, only: [:bulk_update]
respond_to :html
......@@ -99,7 +99,7 @@ class Projects::IssuesController < Projects::ApplicationController
def toggle_subscription
@issue.toggle_subscription(current_user)
render nothing: true
end
......
class Projects::LabelsController < Projects::ApplicationController
before_filter :module_enabled
before_filter :label, only: [:edit, :update, :destroy]
before_filter :authorize_labels!
before_filter :authorize_admin_labels!, except: [:index]
before_action :module_enabled
before_action :label, only: [:edit, :update, :destroy]
before_action :authorize_labels!
before_action :authorize_admin_labels!, except: [:index]
respond_to :js, :html
......
require 'gitlab/satellite/satellite'
class Projects::MergeRequestsController < Projects::ApplicationController
before_filter :module_enabled
before_filter :merge_request, only: [:edit, :update, :show, :diffs, :automerge, :automerge_check, :ci_status, :toggle_subscription]
before_filter :closes_issues, only: [:edit, :update, :show, :diffs]
before_filter :validates_merge_request, only: [:show, :diffs]
before_filter :define_show_vars, only: [:show, :diffs]
before_action :module_enabled
before_action :merge_request, only: [:edit, :update, :show, :diffs, :automerge, :automerge_check, :ci_status, :toggle_subscription]
before_action :closes_issues, only: [:edit, :update, :show, :diffs]
before_action :validates_merge_request, only: [:show, :diffs]
before_action :define_show_vars, only: [:show, :diffs]
# Allow read any merge_request
before_filter :authorize_read_merge_request!
before_action :authorize_read_merge_request!
# Allow write(create) merge_request
before_filter :authorize_write_merge_request!, only: [:new, :create]
before_action :authorize_write_merge_request!, only: [:new, :create]
# Allow modify merge_request
before_filter :authorize_modify_merge_request!, only: [:close, :edit, :update, :sort]
before_action :authorize_modify_merge_request!, only: [:close, :edit, :update, :sort]
def index
terms = params['issue_search']
......@@ -176,7 +176,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
def toggle_subscription
@merge_request.toggle_subscription(current_user)
render nothing: true
end
......
class Projects::MilestonesController < Projects::ApplicationController
before_filter :module_enabled
before_filter :milestone, only: [:edit, :update, :destroy, :show, :sort_issues, :sort_merge_requests]
before_action :module_enabled
before_action :milestone, only: [:edit, :update, :destroy, :show, :sort_issues, :sort_merge_requests]
# Allow read any milestone
before_filter :authorize_read_milestone!