diff options
| author | Felipe Artur <felipefac@gmail.com> | 2016-09-16 16:15:39 -0300 |
|---|---|---|
| committer | Felipe Artur <felipefac@gmail.com> | 2016-10-17 18:12:18 -0200 |
| commit | da07c2e4d3d382c05ec287ee60f639b870074fe7 (patch) | |
| tree | f6ffa7fd29fe177d4d78c0e043a1fdcff5b6eba4 /app/models/project_feature.rb | |
| parent | c49e152605ad1fe77bea6414c383cf70669ca110 (diff) | |
| download | gitlab-ce-da07c2e4d3d382c05ec287ee60f639b870074fe7.tar.gz | |
Add visibility level to project repositoryissue_19734_2
Diffstat (limited to 'app/models/project_feature.rb')
| -rw-r--r-- | app/models/project_feature.rb | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/app/models/project_feature.rb b/app/models/project_feature.rb index 530f7d5a30e..b37ce1d3cf6 100644 --- a/app/models/project_feature.rb +++ b/app/models/project_feature.rb @@ -13,23 +13,26 @@ class ProjectFeature < ActiveRecord::Base # Enabled: enabled for everyone able to access the project # - # Permision levels + # Permission levels DISABLED = 0 PRIVATE = 10 ENABLED = 20 - FEATURES = %i(issues merge_requests wiki snippets builds) + FEATURES = %i(issues merge_requests wiki snippets builds repository) # Default scopes force us to unscope here since a service may need to check # permissions for a project in pending_delete # http://stackoverflow.com/questions/1540645/how-to-disable-default-scope-for-a-belongs-to belongs_to :project, -> { unscope(where: :pending_delete) } + validate :repository_children_level + default_value_for :builds_access_level, value: ENABLED, allows_nil: false default_value_for :issues_access_level, value: ENABLED, allows_nil: false default_value_for :merge_requests_access_level, value: ENABLED, allows_nil: false default_value_for :snippets_access_level, value: ENABLED, allows_nil: false default_value_for :wiki_access_level, value: ENABLED, allows_nil: false + default_value_for :repository_access_level, value: ENABLED, allows_nil: false def feature_available?(feature, user) raise ArgumentError, 'invalid project feature' unless FEATURES.include?(feature) @@ -57,6 +60,18 @@ class ProjectFeature < ActiveRecord::Base private + # Validates builds and merge requests access level + # which cannot be higher than repository access level + def repository_children_level + validator = lambda do |field| + level = public_send(field) || ProjectFeature::ENABLED + not_allowed = level > repository_access_level + self.errors.add(field, "cannot have higher visibility level than repository access level") if not_allowed + end + + %i(merge_requests_access_level builds_access_level).each(&validator) + end + def get_permission(user, level) case level when DISABLED |