Refactor issue, mr, note abilities to include project abilities too

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
author: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-06-26 18:15:36 +0200
committer: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2015-06-26 18:15:36 +0200
commit: 7ca017b5130705770074d455cbc827e487730bf1 (patch)
tree: 6e824c84262a432f913b4a5eb4cdb16b005f5e1d
parent: 083d4604c49abfec8bf368fe0541d88dcc9bb6ed (diff)
download: gitlab-ce-7ca017b5130705770074d455cbc827e487730bf1.tar.gz
1 files changed, 30 insertions, 13 deletions
diff --git a/app/models/ability.rb b/app/models/ability.rb
index b4a9adb5ffc..3ee3a7857ee 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -68,6 +68,7 @@ class Ability
     def project_abilities(user, project)
       rules = []
       key = "/user/#{user.id}/project/#{project.id}"
+
       RequestStore.store[key] ||= begin
         team = project.team
 
@@ -182,7 +183,6 @@ class Ability
     def project_master_rules
       project_dev_rules + [
         :push_code_to_protected_branches,
-        :update_issue,
         :update_project_snippet,
         :update_merge_request,
         :admin_milestone,
@@ -244,26 +244,40 @@ class Ability
       rules.flatten
     end
 
-    [:issue, :note, :project_snippet, :personal_snippet, :merge_request].each do |name|
+
+    [:issue, :merge_request].each do |name|
       define_method "#{name}_abilities" do |user, subject|
-        if user.is_admin?
-          [
+        rules = []
+
+        if subject.author == user || (subject.respond_to?(:assignee) && subject.assignee == user)
+          rules += [
             :"read_#{name}",
             :"update_#{name}",
-            :"admin_#{name}"
           ]
-        elsif subject.author == user || (subject.respond_to?(:assignee) && subject.assignee == user)
-          [
+        end
+
+        rules += project_abilities(user, subject.project)
+        rules
+      end
+    end
+
+    [:note, :project_snippet, :personal_snippet].each do |name|
+      define_method "#{name}_abilities" do |user, subject|
+        rules = []
+
+        if subject.author == user
+          rules += [
             :"read_#{name}",
             :"update_#{name}",
+            :"admin_#{name}"
           ]
-        else
-          if subject.respond_to?(:project) && subject.project
-            project_abilities(user, subject.project)
-          else
-            []
-          end
         end
+
+        if subject.respond_to?(:project) && subject.project
+          rules += project_abilities(user, subject.project)
+        end
+
+        rules
       end
     end
 
@@ -272,13 +286,16 @@ class Ability
       target_user = subject.user
       group = subject.group
       can_manage = group_abilities(user, group).include?(:admin_group)
+
       if can_manage && (user != target_user)
         rules << :update_group_member
         rules << :destroy_group_member
       end
+
       if !group.last_owner?(user) && (can_manage || (user == target_user))
         rules << :destroy_group_member
       end
+
       rules
     end
author	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2015-06-26 18:15:36 +0200
committer	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2015-06-26 18:15:36 +0200
commit	7ca017b5130705770074d455cbc827e487730bf1 (patch)
tree	6e824c84262a432f913b4a5eb4cdb16b005f5e1d
parent	083d4604c49abfec8bf368fe0541d88dcc9bb6ed (diff)
download	gitlab-ce-7ca017b5130705770074d455cbc827e487730bf1.tar.gz