Move Contribution Analytics related spec in spec/features/groups/group_page_with_external_authorization_service_spec to EE

author: Imre Farkas <ifarkas@gitlab.com> 2019-04-05 11:45:47 +0000
committer: Andreas Brandl <abrandl@gitlab.com> 2019-04-05 11:45:47 +0000
commit: d9d7237d2ebf101ca35ed8ba2740e7c7093437ea (patch)
tree: 419b0af4bc8de6de5888feec4f502bcc468df400 /app/policies/base_policy.rb
parent: 30fa3cbdb74df2dfeebb2929a10dd301a0dde55e (diff)
download: gitlab-ce-d9d7237d2ebf101ca35ed8ba2740e7c7093437ea.tar.gz
1 files changed, 8 insertions, 1 deletions
diff --git a/app/policies/base_policy.rb b/app/policies/base_policy.rb
index 72de04203a6..5dd2279ef99 100644
--- a/app/policies/base_policy.rb
+++ b/app/policies/base_policy.rb
@@ -22,6 +22,13 @@ class BasePolicy < DeclarativePolicy::Base
     Gitlab::CurrentSettings.current_application_settings.restricted_visibility_levels.include?(Gitlab::VisibilityLevel::PUBLIC)
   end
 
-  # This is prevented in some cases in `gitlab-ee`
+  condition(:external_authorization_enabled, scope: :global, score: 0) do
+    ::Gitlab::ExternalAuthorization.perform_check?
+  end
+
+  rule { external_authorization_enabled & ~full_private_access }.policy do
+    prevent :read_cross_project
+  end
+
   rule { default }.enable :read_cross_project
 end
author	Imre Farkas <ifarkas@gitlab.com>	2019-04-05 11:45:47 +0000
committer	Andreas Brandl <abrandl@gitlab.com>	2019-04-05 11:45:47 +0000
commit	d9d7237d2ebf101ca35ed8ba2740e7c7093437ea (patch)
tree	419b0af4bc8de6de5888feec4f502bcc468df400 /app/policies/base_policy.rb
parent	30fa3cbdb74df2dfeebb2929a10dd301a0dde55e (diff)
download	gitlab-ce-d9d7237d2ebf101ca35ed8ba2740e7c7093437ea.tar.gz