Add latest changes from gitlab-org/gitlab@14-5-stable-eev14.5.0-rc42

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-11-18 13:16:36 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-11-18 13:16:36 +0000
commit: 311b0269b4eb9839fa63f80c8d7a58f32b8138a0 (patch)
tree: 07e7870bca8aed6d61fdcc810731c50d2c40af47 /app/policies/group_policy.rb
parent: 27909cef6c4170ed9205afa7426b8d3de47cbb0c (diff)
download: gitlab-ce-311b0269b4eb9839fa63f80c8d7a58f32b8138a0.tar.gz
1 files changed, 13 insertions, 4 deletions
diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index 64395f69c42..833d5b9bd34 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -75,6 +75,8 @@ class GroupPolicy < BasePolicy
   with_scope :subject
   condition(:has_project_with_service_desk_enabled) { @subject.has_project_with_service_desk_enabled? }
 
+  condition(:crm_enabled, score: 0, scope: :subject) { Feature.enabled?(:customer_relations, @subject) }
+
   rule { can?(:read_group) & design_management_enabled }.policy do
     enable :read_design_activity
   end
@@ -113,8 +115,8 @@ class GroupPolicy < BasePolicy
     enable :read_group_member
     enable :read_custom_emoji
     enable :read_counts
-    enable :read_organization
-    enable :read_contact
+    enable :read_crm_organization
+    enable :read_crm_contact
   end
 
   rule { ~public_group & ~has_access }.prevent :read_counts
@@ -134,8 +136,8 @@ class GroupPolicy < BasePolicy
     enable :create_package
     enable :create_package_settings
     enable :developer_access
-    enable :admin_organization
-    enable :admin_contact
+    enable :admin_crm_organization
+    enable :admin_crm_contact
   end
 
   rule { reporter }.policy do
@@ -252,6 +254,13 @@ class GroupPolicy < BasePolicy
     enable :read_label
   end
 
+  rule { ~crm_enabled }.policy do
+    prevent :read_crm_contact
+    prevent :read_crm_organization
+    prevent :admin_crm_contact
+    prevent :admin_crm_organization
+  end
+
   def access_level(for_any_session: false)
     return GroupMember::NO_ACCESS if @user.nil?
     return GroupMember::NO_ACCESS unless user_is_user?
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-11-18 13:16:36 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-11-18 13:16:36 +0000
commit	311b0269b4eb9839fa63f80c8d7a58f32b8138a0 (patch)
tree	07e7870bca8aed6d61fdcc810731c50d2c40af47 /app/policies/group_policy.rb
parent	27909cef6c4170ed9205afa7426b8d3de47cbb0c (diff)
download	gitlab-ce-311b0269b4eb9839fa63f80c8d7a58f32b8138a0.tar.gz