refactored permissions and added update_project_member ability logic. Also refactored owner methods to a concern.

author: James Lopez <james.lopez@vodafone.com> 2015-11-03 11:11:56 +0000
committer: James Lopez <james.lopez@vodafone.com> 2015-11-03 11:11:56 +0000
commit: 1b14bc59570a625365fef232f8c57919f76b3e2a (patch)
tree: b1c125a96e844aedfc183ff3874bd74871f0c7af /app/models/member.rb
parent: 6aa9c21ac0e3f4860f9021718900326ea0575151 (diff)
download: gitlab-ce-1b14bc59570a625365fef232f8c57919f76b3e2a.tar.gz
1 files changed, 4 insertions, 4 deletions
diff --git a/app/models/member.rb b/app/models/member.rb
index 4651c8fff37..c565ee6bbce 100644
--- a/app/models/member.rb
+++ b/app/models/member.rb
@@ -82,8 +82,7 @@ class Member < ActiveRecord::Base
         member.invite_email = user
       end
 
-      project = members.first.respond_to?(:project)? members.first.project : nil
-      if can_update_member?(current_user, member, project)
+      if can_update_member?(current_user, member)
         member.created_by ||= current_user
         member.access_level = access_level
 
@@ -93,9 +92,10 @@ class Member < ActiveRecord::Base
 
     private
 
-    def can_update_member?(current_user, member, project)
+    def can_update_member?(current_user, member)
       !current_user || current_user.can?(:update_group_member, member) ||
-        (project && current_user.can?(:admin_project_member, project))
+        (member.respond_to?(:project) &&
+          current_user.can?(:update_project_member, member))
     end
   end
author	James Lopez <james.lopez@vodafone.com>	2015-11-03 11:11:56 +0000
committer	James Lopez <james.lopez@vodafone.com>	2015-11-03 11:11:56 +0000
commit	1b14bc59570a625365fef232f8c57919f76b3e2a (patch)
tree	b1c125a96e844aedfc183ff3874bd74871f0c7af /app/models/member.rb
parent	6aa9c21ac0e3f4860f9021718900326ea0575151 (diff)
download	gitlab-ce-1b14bc59570a625365fef232f8c57919f76b3e2a.tar.gz