diff options
author | Fabio Papa <fabtheman@gmail.com> | 2019-06-27 15:53:46 -0700 |
---|---|---|
committer | Fabio Papa <fabtheman@gmail.com> | 2019-06-27 15:53:46 -0700 |
commit | 075a6328813ee3733e23254d8e7540b59ec789c0 (patch) | |
tree | ab0343d6c9a2a2da4a6bca04f9122b66a848906c | |
parent | 7bf0ce2283334752bd88a8eb63aa16e5b4b33864 (diff) | |
download | gitlab-ce-075a6328813ee3733e23254d8e7540b59ec789c0.tar.gz |
Add policy to allow maintainers to create subgroups when enabled
-rw-r--r-- | app/policies/group_policy.rb | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb index ea86858181d..bd1eb02ca1f 100644 --- a/app/policies/group_policy.rb +++ b/app/policies/group_policy.rb @@ -43,6 +43,10 @@ class GroupPolicy < BasePolicy @subject.project_creation_level == ::Gitlab::Access::DEVELOPER_MAINTAINER_PROJECT_ACCESS end + condition(:maintainer_can_create_group) do + @subject.subgroup_creation_level == ::Gitlab::Access::MAINTAINER_SUBGROUP_ACCESS + end + rule { public_group }.policy do enable :read_group enable :read_list @@ -110,6 +114,7 @@ class GroupPolicy < BasePolicy end rule { owner & nested_groups_supported }.enable :create_subgroup + rule { maintainer & maintainer_can_create_group & nested_groups_supported }.enable :create_subgroup rule { public_group | logged_in_viewable }.enable :view_globally |