diff options
| author | Rubén Dávila <rdavila84@gmail.com> | 2016-03-04 15:56:15 -0500 |
|---|---|---|
| committer | Rubén Dávila <rdavila84@gmail.com> | 2016-03-04 15:56:15 -0500 |
| commit | 1cc914f25ac6283e375c6e02c5e8f015640e5b21 (patch) | |
| tree | 1988959e9eeba4e1ad9342117ca8debac0f7f88e | |
| parent | a697b015f7c44befb2e51e66828ee2adc62868e1 (diff) | |
| download | gitlab-ce-issue_13765.tar.gz | |
Show Edit link on sidebar only if current user can update the Issue/MRissue_13765
| -rw-r--r-- | CHANGELOG | 1 | ||||
| -rw-r--r-- | app/helpers/issuables_helper.rb | 6 | ||||
| -rw-r--r-- | app/views/shared/issuable/_sidebar.html.haml | 6 |
3 files changed, 10 insertions, 3 deletions
diff --git a/CHANGELOG b/CHANGELOG index 8692f61fe36..fbacf0b6f10 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -12,6 +12,7 @@ v 8.6.0 (unreleased) - Allow search for logged out users - Don't show Issues/MRs from archived projects in Groups view - Increase the notes polling timeout over time (Roberto Dip) + - Fix: Show Edit link on sidebar only if current user can update the Issue/MR v 8.5.4 - Do not cache requests for badges (including builds badge) diff --git a/app/helpers/issuables_helper.rb b/app/helpers/issuables_helper.rb index 91a3aa371ef..b2ce63edfff 100644 --- a/app/helpers/issuables_helper.rb +++ b/app/helpers/issuables_helper.rb @@ -20,6 +20,12 @@ module IssuablesHelper base_issuable_scope(issuable).where('iid < ?', issuable.iid).first end + def can_update_issuable?(issuable) + return false unless current_user + + can?(current_user, :"update_#{issuable.to_ability_name}", issuable) + end + private def sidebar_gutter_collapsed? diff --git a/app/views/shared/issuable/_sidebar.html.haml b/app/views/shared/issuable/_sidebar.html.haml index 36f06377886..51695d22831 100644 --- a/app/views/shared/issuable/_sidebar.html.haml +++ b/app/views/shared/issuable/_sidebar.html.haml @@ -30,7 +30,7 @@ .title.hide-collapsed %label Assignee - - if can?(current_user, :"admin_#{issuable.to_ability_name}", @project) + - if can_update_issuable?(issuable) .pull-right = link_to 'Edit', '#', class: 'edit-link' .value.hide-collapsed @@ -56,7 +56,7 @@ .title.hide-collapsed %label Milestone - - if can?(current_user, :"admin_#{issuable.to_ability_name}", @project) + - if can_update_issuable?(issuable) .pull-right = link_to 'Edit', '#', class: 'edit-link' .value.hide-collapsed @@ -81,7 +81,7 @@ = issuable.labels.count .title.hide-collapsed %label Labels - - if can?(current_user, :"admin_#{issuable.to_ability_name}", @project) + - if can_update_issuable?(issuable) .pull-right = link_to 'Edit', '#', class: 'edit-link' .value.issuable-show-labels.hide-collapsed |