diff options
author | Rubén Dávila <ruben@gitlab.com> | 2017-08-15 20:25:47 -0500 |
---|---|---|
committer | Mike Greiling <mike@pixelcog.com> | 2017-08-26 03:30:01 -0500 |
commit | d413f8e4e426e2cb2dc61d5a72d84a7dc67a28c8 (patch) | |
tree | fb58f3e1f60552bb7c201c697eb9fa7e8b194788 /app/models/group.rb | |
parent | a30257c0321e872646fe945739482fdeadbba4c2 (diff) | |
download | gitlab-ce-d413f8e4e426e2cb2dc61d5a72d84a7dc67a28c8.tar.gz |
Add validation for visibility level of sub groups
Sub groups should not have a visibility level higher than its parent.
Diffstat (limited to 'app/models/group.rb')
-rw-r--r-- | app/models/group.rb | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/app/models/group.rb b/app/models/group.rb index 2816a68257c..15355418d05 100644 --- a/app/models/group.rb +++ b/app/models/group.rb @@ -26,6 +26,7 @@ class Group < Namespace validate :avatar_type, if: ->(user) { user.avatar.present? && user.avatar_changed? } validate :visibility_level_allowed_by_projects + validate :visibility_level_allowed_by_parent validates :avatar, file_size: { maximum: 200.kilobytes.to_i } @@ -102,6 +103,14 @@ class Group < Namespace full_name end + def visibility_level_allowed_by_parent + return if parent_id.blank? + + if parent && (visibility_level > parent.visibility_level) + errors.add(:visibility_level, "#{visibility} is not allowed since the parent group has a #{parent.visibility} visibility.") + end + end + def visibility_level_allowed_by_projects allowed_by_projects = self.projects.where('visibility_level > ?', self.visibility_level).none? |