From a11924021629cfb80b68ec743a0eca9a2c1616e4 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Sat, 7 Jan 2023 15:20:22 +0000 Subject: [PATCH 1/1] Add database checks to issue and report controllers Fixes #3875 --- app/controllers/issue_comments_controller.rb | 3 +++ app/controllers/issues_controller.rb | 2 ++ app/controllers/reports_controller.rb | 3 +++ 3 files changed, 8 insertions(+) diff --git a/app/controllers/issue_comments_controller.rb b/app/controllers/issue_comments_controller.rb index 7b935665f..7edef184e 100644 --- a/app/controllers/issue_comments_controller.rb +++ b/app/controllers/issue_comments_controller.rb @@ -3,9 +3,12 @@ class IssueCommentsController < ApplicationController before_action :authorize_web before_action :set_locale + before_action :check_database_readable authorize_resource + before_action :check_database_writable, :only => [:create] + def create @issue = Issue.find(params[:issue_id]) comment = @issue.comments.build(issue_comment_params) diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb index 10a6dc09b..b253ec5e1 100644 --- a/app/controllers/issues_controller.rb +++ b/app/controllers/issues_controller.rb @@ -3,10 +3,12 @@ class IssuesController < ApplicationController before_action :authorize_web before_action :set_locale + before_action :check_database_readable authorize_resource before_action :find_issue, :only => [:show, :resolve, :reopen, :ignore] + before_action :check_database_writable, :only => [:resolve, :ignore, :reopen] def index @title = t ".title" diff --git a/app/controllers/reports_controller.rb b/app/controllers/reports_controller.rb index 6d05e6a57..5c70d9704 100644 --- a/app/controllers/reports_controller.rb +++ b/app/controllers/reports_controller.rb @@ -3,9 +3,12 @@ class ReportsController < ApplicationController before_action :authorize_web before_action :set_locale + before_action :check_database_readable authorize_resource + before_action :check_database_writable, :only => [:new, :create] + def new if required_new_report_params_present? @report = Report.new -- 2.39.5