diff options
| author | Douglas Barbosa Alexandre <dbalexandre@gmail.com> | 2016-06-06 16:13:31 -0300 |
|---|---|---|
| committer | Douglas Barbosa Alexandre <dbalexandre@gmail.com> | 2016-06-13 19:32:00 -0300 |
| commit | b56c45675019baaaf47615d51c08d5caa0734ad3 (patch) | |
| tree | b933c21ab49a745a6839aa1127c237ffe7a3a3fb /app/models/project_team.rb | |
| parent | af8500f43010f42176b2ec1814f0fe7248258b05 (diff) | |
| download | gitlab-ce-b56c45675019baaaf47615d51c08d5caa0734ad3.tar.gz | |
Project members with guest role can't access confidential issues
Diffstat (limited to 'app/models/project_team.rb')
| -rw-r--r-- | app/models/project_team.rb | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/app/models/project_team.rb b/app/models/project_team.rb index 70a8bbaba65..e29e854860a 100644 --- a/app/models/project_team.rb +++ b/app/models/project_team.rb @@ -131,8 +131,14 @@ class ProjectTeam max_member_access(user.id) == Gitlab::Access::MASTER end - def member?(user_id) - !!find_member(user_id) + def member?(user, min_member_access = nil) + member = !!find_member(user.id) + + if min_member_access + member && max_member_access(user.id) >= min_member_access + else + member + end end def human_max_access(user_id) |