floraachy
/
gitlink-forgeplus
mirror of https://gitlink.org.cn/Gitlink/forgeplus.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'dev_trustie' into dev_devops

This commit is contained in:
Jasder 2020-07-17 18:18:31 +08:00
parent 26e1592d93 dbd0c75fa8
commit 97b5193e2b
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
app/controllers/projects_controller.rb
View File

@ -5,7 +5,7 @@ class ProjectsController < ApplicationController
before_action :require_login, except: %i[index branches group_type_list simple] before_action :require_login, except: %i[index branches group_type_list simple]
before_action :find_project_with_id, only: %i[show branches update destroy fork_users praise_users watch_users] before_action :find_project_with_id, only: %i[show branches update destroy fork_users praise_users watch_users]
before_action :authorizate_user_can_edit_project!, only: %i[update] before_action :authorizate_user_can_edit_project!, only: %i[update]
before_action :project_public?, only: %i[fork_users praise_users watch_user] before_action :project_public?, only: %i[fork_users praise_users watch_users]
def index def index
scope = Projects::ListQuery.call(params) scope = Projects::ListQuery.call(params)
@ -116,8 +116,13 @@ class ProjectsController < ApplicationController
end end
def project_public? def project_public?
unless @project.is_public || current_user&admin? return if @project.is_public?
tip_exception(403, "..")
if current_user
return if current_user.admin? || @project.member?(current_user.id)
render_forbidden('你没有权限访问.')
else
render_unauthorized('你还未登录.')
end end
end end
end end