diff options
| author | Sean McGivern <sean@gitlab.com> | 2017-06-08 11:44:33 +0100 |
|---|---|---|
| committer | Sean McGivern <sean@gitlab.com> | 2017-06-08 11:44:33 +0100 |
| commit | 737d194c0826beb7783c34e982cea673e3f6a61a (patch) | |
| tree | 6751dab5f8a4a3ba8db7fda6b09ef10a8f2bc2a1 | |
| parent | 8ce11fc388bc168368b1e0a65659bb45c76a4a08 (diff) | |
| download | gitlab-ce-737d194c0826beb7783c34e982cea673e3f6a61a.tar.gz | |
Allow group reporters to promote labelsallow-reporters-to-promote-group-labels
They can admin group labels anyway, we weren't checking the more specific
permission.
4 files changed, 11 insertions, 7 deletions
diff --git a/app/controllers/projects/labels_controller.rb b/app/controllers/projects/labels_controller.rb index ac151839f61..1beac202efe 100644 --- a/app/controllers/projects/labels_controller.rb +++ b/app/controllers/projects/labels_controller.rb @@ -8,7 +8,7 @@ class Projects::LabelsController < Projects::ApplicationController before_action :authorize_admin_labels!, only: [:new, :create, :edit, :update, :generate, :destroy, :remove_priority, :set_priorities] - before_action :authorize_admin_group!, only: [:promote] + before_action :authorize_admin_group_labels!, only: [:promote] respond_to :js, :html @@ -161,7 +161,7 @@ class Projects::LabelsController < Projects::ApplicationController return render_404 unless can?(current_user, :admin_label, @project) end - def authorize_admin_group! - return render_404 unless can?(current_user, :admin_group, @project.group) + def authorize_admin_group_labels! + return render_404 unless can?(current_user, :admin_label, @project.group) end end diff --git a/app/views/shared/_label.html.haml b/app/views/shared/_label.html.haml index bd994cdad01..c185e9b73ee 100644 --- a/app/views/shared/_label.html.haml +++ b/app/views/shared/_label.html.haml @@ -64,7 +64,7 @@ %a.js-subscribe-button{ data: { url: toggle_subscription_group_label_path(label.group, label) } } Group level - - if label.is_a?(ProjectLabel) && label.project.group && can?(current_user, :admin_group, label.project.group) + - if label.is_a?(ProjectLabel) && label.project.group && can?(current_user, :admin_label, label.project.group) = link_to promote_namespace_project_label_path(label.project.namespace, label.project, label), title: "Promote to Group Label", class: 'btn btn-transparent btn-action', data: {confirm: "Promoting this label will make this label available to all projects inside this group. Existing project labels with the same name will be merged. Are you sure?", toggle: "tooltip"}, method: :post do %span.sr-only Promote to Group = icon('level-up') diff --git a/changelogs/unreleased/allow-reporters-to-promote-group-labels.yml b/changelogs/unreleased/allow-reporters-to-promote-group-labels.yml new file mode 100644 index 00000000000..2364ce6d068 --- /dev/null +++ b/changelogs/unreleased/allow-reporters-to-promote-group-labels.yml @@ -0,0 +1,4 @@ +--- +title: Allow reporters to promote project labels to group labels +merge_request: +author: diff --git a/spec/controllers/projects/labels_controller_spec.rb b/spec/controllers/projects/labels_controller_spec.rb index 130b0b744b5..bf1776eb320 100644 --- a/spec/controllers/projects/labels_controller_spec.rb +++ b/spec/controllers/projects/labels_controller_spec.rb @@ -117,7 +117,7 @@ describe Projects::LabelsController do let!(:promoted_label_name) { "Promoted Label" } let!(:label_1) { create(:label, title: promoted_label_name, project: project) } - context 'not group owner' do + context 'not group reporters' do it 'denies access' do post :promote, namespace_id: project.namespace.to_param, project_id: project, id: label_1.to_param @@ -125,9 +125,9 @@ describe Projects::LabelsController do end end - context 'group owner' do + context 'group reporter' do before do - GroupMember.add_users(group, [user], :owner) + group.add_reporter(user) end it 'gives access' do |