use a magic default :global symbol instead of nil

to make sure we mean the global permissions
author: http://jneen.net/ <jneen@jneen.net> 2017-02-28 13:08:07 -0800
committer: http://jneen.net/ <jneen@jneen.net> 2017-03-09 11:49:52 -0800
commit: 846e581732e291f8927d04a5b1b40fe8f2688885 (patch)
tree: 50e0a538e26ac47f37ba68f93898185608c09096 /app/models/ability.rb
parent: 130fd255bc0735d4175f2db2770a9092882fa3a4 (diff)
download: gitlab-ce-846e581732e291f8927d04a5b1b40fe8f2688885.tar.gz
1 files changed, 4 insertions, 3 deletions
diff --git a/app/models/ability.rb b/app/models/ability.rb
index ad6c588202e..f3692a5a067 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -56,15 +56,16 @@ class Ability
       end
     end
 
-    def allowed?(user, action, subject)
+    def allowed?(user, action, subject = :global)
       allowed(user, subject).include?(action)
     end
 
-    def allowed(user, subject)
+    def allowed(user, subject = :global)
+      return BasePolicy::RuleSet.none if subject.nil?
       return uncached_allowed(user, subject) unless RequestStore.active?
 
       user_key = user ? user.id : 'anonymous'
-      subject_key = subject ? "#{subject.class.name}/#{subject.id}" : 'global'
+      subject_key = subject == :global ? 'global' : "#{subject.class.name}/#{subject.id}"
       key = "/ability/#{user_key}/#{subject_key}"
       RequestStore[key] ||= uncached_allowed(user, subject).freeze
     end
author	http://jneen.net/ <jneen@jneen.net>	2017-02-28 13:08:07 -0800
committer	http://jneen.net/ <jneen@jneen.net>	2017-03-09 11:49:52 -0800
commit	846e581732e291f8927d04a5b1b40fe8f2688885 (patch)
tree	50e0a538e26ac47f37ba68f93898185608c09096 /app/models/ability.rb
parent	130fd255bc0735d4175f2db2770a9092882fa3a4 (diff)
download	gitlab-ce-846e581732e291f8927d04a5b1b40fe8f2688885.tar.gz