Add latest changes from gitlab-org/gitlab@master

1 files changed, 13 insertions, 0 deletions

diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index 73abe006889..5c4990ffd9b 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -77,6 +77,11 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy
 
   condition(:crm_enabled, score: 0, scope: :subject) { Feature.enabled?(:customer_relations, @subject) }
 
+  with_scope :subject
+  condition(:group_runner_registration_allowed, score: 0, scope: :subject) do
+    Feature.disabled?(:runner_registration_control) || Gitlab::CurrentSettings.valid_runner_registrars.include?('group')
+  end
+
   rule { can?(:read_group) & design_management_enabled }.policy do
     enable :read_design_activity
   end
@@ -200,6 +205,10 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy
     enable :read_nested_project_resources
   end
 
+  rule { can?(:admin_group_runners) }.policy do
+    enable :register_group_runners
+  end
+
   rule { owner }.enable :create_subgroup
   rule { maintainer & maintainer_can_create_group }.enable :create_subgroup
 
@@ -262,6 +271,10 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy
     prevent :admin_crm_organization
   end
 
+  rule { ~group_runner_registration_allowed }.policy do
+    prevent :register_group_runners
+  end
+
   def access_level(for_any_session: false)
     return GroupMember::NO_ACCESS if @user.nil?
     return GroupMember::NO_ACCESS unless user_is_user?