Fix security issues with teams

author: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-01-25 15:51:45 +0200
committer: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2013-01-25 15:51:45 +0200
commit: 6350b32a3dddf70a28526c4f95c652072411e9c7 (patch)
tree: 96c996a2f63f9fede4c5b2b081fd3acedb1049f5 /app/models
parent: 3ddd9f753c0a6a57313ea4860bf7167f98f53cd2 (diff)
download: gitlab-ce-6350b32a3dddf70a28526c4f95c652072411e9c7.tar.gz
1 files changed, 11 insertions, 0 deletions
diff --git a/app/models/user.rb b/app/models/user.rb
index 7a0d66453f8..29f262968d5 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -295,4 +295,15 @@ class User < ActiveRecord::Base
   def namespace_id
     namespace.try :id
   end
+
+  def authorized_teams
+    @authorized_teams ||= begin
+                            ids = []
+                            ids << UserTeam.with_member(self).pluck('user_teams.id')
+                            ids << UserTeam.created_by(self).pluck('user_teams.id')
+                            ids.flatten
+
+                            UserTeam.where(id: ids)
+                          end
+  end
 end
author	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2013-01-25 15:51:45 +0200
committer	Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>	2013-01-25 15:51:45 +0200
commit	6350b32a3dddf70a28526c4f95c652072411e9c7 (patch)
tree	96c996a2f63f9fede4c5b2b081fd3acedb1049f5 /app/models
parent	3ddd9f753c0a6a57313ea4860bf7167f98f53cd2 (diff)
download	gitlab-ce-6350b32a3dddf70a28526c4f95c652072411e9c7.tar.gz