diff options
author | http://jneen.net/ <jneen@jneen.net> | 2017-04-06 14:06:42 -0700 |
---|---|---|
committer | http://jneen.net/ <jneen@jneen.net> | 2017-06-27 12:44:37 -0700 |
commit | 37c401433b76170f0150d70865f1f4584db01fa8 (patch) | |
tree | 2da7a4c072b863e0cb927993d8d39e7029d720e4 /app/policies/group_member_policy.rb | |
parent | e5aad75a2673b2e4465d311cbd27970d5c81d5f7 (diff) | |
download | gitlab-ce-37c401433b76170f0150d70865f1f4584db01fa8.tar.gz |
convert all the policies to DeclarativePolicy
Diffstat (limited to 'app/policies/group_member_policy.rb')
-rw-r--r-- | app/policies/group_member_policy.rb | 29 |
1 files changed, 13 insertions, 16 deletions
diff --git a/app/policies/group_member_policy.rb b/app/policies/group_member_policy.rb index 5a3fe814b77..23dd0d7cd23 100644 --- a/app/policies/group_member_policy.rb +++ b/app/policies/group_member_policy.rb @@ -1,25 +1,22 @@ class GroupMemberPolicy < BasePolicy - def rules - return unless @user + delegate :group - target_user = @subject.user - group = @subject.group + with_scope :subject + condition(:last_owner) { @subject.group.last_owner?(@subject.user) } - return if group.last_owner?(target_user) + desc "Membership is users' own" + with_score 0 + condition(:is_target_user) { @user && @subject.user_id == @user.id } - can_manage = Ability.allowed?(@user, :admin_group_member, group) + rule { anonymous }.prevent_all + rule { last_owner }.prevent_all - if can_manage - can! :update_group_member - can! :destroy_group_member - elsif @user == target_user - can! :destroy_group_member - end - - additional_rules! + rule { can?(:admin_group_member) }.policy do + enable :update_group_member + enable :destroy_group_member end - def additional_rules! - # This is meant to be overriden in EE + rule { is_target_user }.policy do + enable :destroy_group_member end end |