summaryrefslogtreecommitdiff
path: root/app/controllers
diff options
context:
space:
mode:
authorSean McGivern <sean@gitlab.com>2017-06-08 11:44:33 +0100
committerSean McGivern <sean@gitlab.com>2017-06-08 11:44:33 +0100
commit737d194c0826beb7783c34e982cea673e3f6a61a (patch)
tree6751dab5f8a4a3ba8db7fda6b09ef10a8f2bc2a1 /app/controllers
parent8ce11fc388bc168368b1e0a65659bb45c76a4a08 (diff)
downloadgitlab-ce-737d194c0826beb7783c34e982cea673e3f6a61a.tar.gz
Allow group reporters to promote labelsallow-reporters-to-promote-group-labels
They can admin group labels anyway, we weren't checking the more specific permission.
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/projects/labels_controller.rb6
1 files changed, 3 insertions, 3 deletions
diff --git a/app/controllers/projects/labels_controller.rb b/app/controllers/projects/labels_controller.rb
index ac151839f61..1beac202efe 100644
--- a/app/controllers/projects/labels_controller.rb
+++ b/app/controllers/projects/labels_controller.rb
@@ -8,7 +8,7 @@ class Projects::LabelsController < Projects::ApplicationController
before_action :authorize_admin_labels!, only: [:new, :create, :edit, :update,
:generate, :destroy, :remove_priority,
:set_priorities]
- before_action :authorize_admin_group!, only: [:promote]
+ before_action :authorize_admin_group_labels!, only: [:promote]
respond_to :js, :html
@@ -161,7 +161,7 @@ class Projects::LabelsController < Projects::ApplicationController
return render_404 unless can?(current_user, :admin_label, @project)
end
- def authorize_admin_group!
- return render_404 unless can?(current_user, :admin_group, @project.group)
+ def authorize_admin_group_labels!
+ return render_404 unless can?(current_user, :admin_label, @project.group)
end
end