diff options
author | James Edwards-Jones <jedwardsjones@gitlab.com> | 2017-11-24 12:41:36 +0000 |
---|---|---|
committer | James Edwards-Jones <jedwardsjones@gitlab.com> | 2017-11-24 13:20:56 +0000 |
commit | d6dd9d712ac24a095d0b0506731f9415b7c3b5f5 (patch) | |
tree | dd8cb75a449d3632902d94933ab36210f5d6abf8 /app/models/concerns/protected_ref_access.rb | |
parent | e548c613346a09ba2fc8dfd6ed64da6628ec6a45 (diff) | |
download | gitlab-ce-d6dd9d712ac24a095d0b0506731f9415b7c3b5f5.tar.gz |
Fix ProtectedBranch access level validations
Before an access_level was required in EE even when an
it had been set for a user/group.
Diffstat (limited to 'app/models/concerns/protected_ref_access.rb')
-rw-r--r-- | app/models/concerns/protected_ref_access.rb | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/app/models/concerns/protected_ref_access.rb b/app/models/concerns/protected_ref_access.rb index c4f158e569a..665c41c825e 100644 --- a/app/models/concerns/protected_ref_access.rb +++ b/app/models/concerns/protected_ref_access.rb @@ -1,15 +1,31 @@ module ProtectedRefAccess extend ActiveSupport::Concern + ALLOWED_ACCESS_LEVELS = [ + Gitlab::Access::MASTER, + Gitlab::Access::DEVELOPER, + Gitlab::Access::NO_ACCESS + ].freeze + included do scope :master, -> { where(access_level: Gitlab::Access::MASTER) } scope :developer, -> { where(access_level: Gitlab::Access::DEVELOPER) } + + validates :access_level, presence: true, if: :role?, inclusion: { + in: ALLOWED_ACCESS_LEVELS + } end def humanize self.class.human_access_levels[self.access_level] end + # CE access levels are always role-based, + # where as EE allows groups and users too + def role? + true + end + def check_access(user) return true if user.admin? |