Add User#full_private_access? to check if user has Private accesstc-refactor-projects-finder-init-collection

In CE only the admin has access to all private groups & projects. In EE also an auditor can have full private access. To overcome merge conflicts, or accidental incorrect access rights, abstract this out in `User#full_private_access?`. `User#admin?` now only should be used for admin-only features. For private access-related features `User#full_private_access?` should be used. Backported from gitlab-org/gitlab-ee!2199
author: Toon Claes <toon@gitlab.com> 2017-06-22 08:35:49 +0200
committer: Toon Claes <toon@gitlab.com> 2017-06-23 11:15:35 +0200
commit: b90f1098cf42889c32eb6f12779def005f15cbae (patch)
tree: b36866422e1948909f5be1f26a91a84a2c3b6fbc /app/models/user.rb
parent: f09aa6b755043e9bba1eb7ae8f1ae45adc5df136 (diff)
download: gitlab-ce-b90f1098cf42889c32eb6f12779def005f15cbae.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/app/models/user.rb b/app/models/user.rb
index 954a30155f7..9971e43146a 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -984,6 +984,12 @@ class User < ActiveRecord::Base
     self.admin = (new_level == 'admin')
   end
 
+  # Does the user have access to all private groups & projects?
+  # Overridden in EE to also check auditor?
+  def full_private_access?
+    admin?
+  end
+
   def update_two_factor_requirement
     periods = expanded_groups_requiring_two_factor_authentication.pluck(:two_factor_grace_period)
author	Toon Claes <toon@gitlab.com>	2017-06-22 08:35:49 +0200
committer	Toon Claes <toon@gitlab.com>	2017-06-23 11:15:35 +0200
commit	b90f1098cf42889c32eb6f12779def005f15cbae (patch)
tree	b36866422e1948909f5be1f26a91a84a2c3b6fbc /app/models/user.rb
parent	f09aa6b755043e9bba1eb7ae8f1ae45adc5df136 (diff)
download	gitlab-ce-b90f1098cf42889c32eb6f12779def005f15cbae.tar.gz