diff options
author | Toon Claes <toon@gitlab.com> | 2017-06-22 08:35:49 +0200 |
---|---|---|
committer | Toon Claes <toon@gitlab.com> | 2017-06-23 11:15:35 +0200 |
commit | b90f1098cf42889c32eb6f12779def005f15cbae (patch) | |
tree | b36866422e1948909f5be1f26a91a84a2c3b6fbc /app/models/user.rb | |
parent | f09aa6b755043e9bba1eb7ae8f1ae45adc5df136 (diff) | |
download | gitlab-ce-b90f1098cf42889c32eb6f12779def005f15cbae.tar.gz |
Add User#full_private_access? to check if user has Private accesstc-refactor-projects-finder-init-collection
In CE only the admin has access to all private groups & projects. In EE also an
auditor can have full private access.
To overcome merge conflicts, or accidental incorrect access rights, abstract
this out in `User#full_private_access?`.
`User#admin?` now only should be used for admin-only features. For private
access-related features `User#full_private_access?` should be used.
Backported from gitlab-org/gitlab-ee!2199
Diffstat (limited to 'app/models/user.rb')
-rw-r--r-- | app/models/user.rb | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index 954a30155f7..9971e43146a 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -984,6 +984,12 @@ class User < ActiveRecord::Base self.admin = (new_level == 'admin') end + # Does the user have access to all private groups & projects? + # Overridden in EE to also check auditor? + def full_private_access? + admin? + end + def update_two_factor_requirement periods = expanded_groups_requiring_two_factor_authentication.pluck(:two_factor_grace_period) |