Allow group reporters to manage group labels33154-permissions-for-project-labels-and-group-labels

Previously, only group masters could do this. However, project reporters can manage project labels, so there doesn't seem to be any need to restrict group labels further. Also, save a query or two by getting a single GroupMember object to find out if the user is a master or not.
author: Sean McGivern <sean@gitlab.com> 2017-06-02 15:13:10 +0100
committer: Sean McGivern <sean@gitlab.com> 2017-06-05 11:58:53 +0100
commit: 5db229fb45c98424425bf14c6b9e4ede8ccef1d1 (patch)
tree: bbc9c55d2647ab60fe9052988347115b8148bf1c /app/models/group.rb
parent: 6e82de218aa63da6721a0340092dfaff6600b919 (diff)
download: gitlab-ce-5db229fb45c98424425bf14c6b9e4ede8ccef1d1.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/app/models/group.rb b/app/models/group.rb
index be944da5a67..5bb2cdc5eff 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -222,6 +222,16 @@ class Group < Namespace
     User.where(id: members_with_parents.select(:user_id))
   end
 
+  def max_member_access_for_user(user)
+    return GroupMember::OWNER if user.admin?
+
+    members_with_parents.
+      where(user_id: user).
+      reorder(access_level: :desc).
+      first&.
+      access_level || GroupMember::NO_ACCESS
+  end
+
   def mattermost_team_params
     max_length = 59
author	Sean McGivern <sean@gitlab.com>	2017-06-02 15:13:10 +0100
committer	Sean McGivern <sean@gitlab.com>	2017-06-05 11:58:53 +0100
commit	5db229fb45c98424425bf14c6b9e4ede8ccef1d1 (patch)
tree	bbc9c55d2647ab60fe9052988347115b8148bf1c /app/models/group.rb
parent	6e82de218aa63da6721a0340092dfaff6600b919 (diff)
download	gitlab-ce-5db229fb45c98424425bf14c6b9e4ede8ccef1d1.tar.gz