summaryrefslogtreecommitdiff
path: root/app/models/project_feature.rb
diff options
context:
space:
mode:
authorFelipe Artur <felipefac@gmail.com>2016-09-16 16:15:39 -0300
committerFelipe Artur <felipefac@gmail.com>2016-10-17 18:12:18 -0200
commitda07c2e4d3d382c05ec287ee60f639b870074fe7 (patch)
treef6ffa7fd29fe177d4d78c0e043a1fdcff5b6eba4 /app/models/project_feature.rb
parentc49e152605ad1fe77bea6414c383cf70669ca110 (diff)
downloadgitlab-ce-da07c2e4d3d382c05ec287ee60f639b870074fe7.tar.gz
Add visibility level to project repositoryissue_19734_2
Diffstat (limited to 'app/models/project_feature.rb')
-rw-r--r--app/models/project_feature.rb19
1 files changed, 17 insertions, 2 deletions
diff --git a/app/models/project_feature.rb b/app/models/project_feature.rb
index 530f7d5a30e..b37ce1d3cf6 100644
--- a/app/models/project_feature.rb
+++ b/app/models/project_feature.rb
@@ -13,23 +13,26 @@ class ProjectFeature < ActiveRecord::Base
# Enabled: enabled for everyone able to access the project
#
- # Permision levels
+ # Permission levels
DISABLED = 0
PRIVATE = 10
ENABLED = 20
- FEATURES = %i(issues merge_requests wiki snippets builds)
+ FEATURES = %i(issues merge_requests wiki snippets builds repository)
# Default scopes force us to unscope here since a service may need to check
# permissions for a project in pending_delete
# http://stackoverflow.com/questions/1540645/how-to-disable-default-scope-for-a-belongs-to
belongs_to :project, -> { unscope(where: :pending_delete) }
+ validate :repository_children_level
+
default_value_for :builds_access_level, value: ENABLED, allows_nil: false
default_value_for :issues_access_level, value: ENABLED, allows_nil: false
default_value_for :merge_requests_access_level, value: ENABLED, allows_nil: false
default_value_for :snippets_access_level, value: ENABLED, allows_nil: false
default_value_for :wiki_access_level, value: ENABLED, allows_nil: false
+ default_value_for :repository_access_level, value: ENABLED, allows_nil: false
def feature_available?(feature, user)
raise ArgumentError, 'invalid project feature' unless FEATURES.include?(feature)
@@ -57,6 +60,18 @@ class ProjectFeature < ActiveRecord::Base
private
+ # Validates builds and merge requests access level
+ # which cannot be higher than repository access level
+ def repository_children_level
+ validator = lambda do |field|
+ level = public_send(field) || ProjectFeature::ENABLED
+ not_allowed = level > repository_access_level
+ self.errors.add(field, "cannot have higher visibility level than repository access level") if not_allowed
+ end
+
+ %i(merge_requests_access_level builds_access_level).each(&validator)
+ end
+
def get_permission(user, level)
case level
when DISABLED