diff options
author | Filipa Lacerda <filipa@gitlab.com> | 2018-05-04 14:58:47 +0100 |
---|---|---|
committer | Filipa Lacerda <filipa@gitlab.com> | 2018-05-04 14:58:47 +0100 |
commit | 1983356d647290fe38ca21bbbca43fe2d6292913 (patch) | |
tree | d07fba5693e239993dfc6d1f724b2103f90a3fa6 /app/policies/issuable_policy.rb | |
parent | 703f45632292e7fc45359d0144cd616725bf9b0d (diff) | |
parent | 4bf47cd76fd69a26b7b2b4ac029f088ec5493712 (diff) | |
download | gitlab-ce-1983356d647290fe38ca21bbbca43fe2d6292913.tar.gz |
Merge branch 'master' into 44427-state-management-with-vuext
* master: (1063 commits)
Replace commits spinach tests with RSpec analog
Update repository.rb
Add note about rebase/squash duplication in Gitaly
Resolve "Reconcile project templates with Auto DevOps"
Move import project pane to a separate partial
Inform the user when there are no project import options available
Clarify location of Vue templates
Make add_index_to_namespaces_runners_token migration reversible
Fix lambda arguments in Grape entities
Update grape-entity 0.6.0 -> 0.7.1
Fix constants in backfill_runner_type_for_ci_runners_post_migrate.rb
Use limited_counter_with_delimiter in the admin user list tabs
Remove a warning from spec/features/admin/admin_users_spec.rb
Use smallint for runner_type since its an enum
Dont remove duplicates in Runner.owned_or_shared since its not necessary
Change the docs license to CC BY-SA
Remove unnecessary disable transaction in add_ci_runner_namespaces
Split migration to add and index namespaces.runners_token
Output some useful information when running the rails console
Revert "Use factory in specs for ProjectCiCdSettings"
...
Diffstat (limited to 'app/policies/issuable_policy.rb')
-rw-r--r-- | app/policies/issuable_policy.rb | 16 |
1 files changed, 0 insertions, 16 deletions
diff --git a/app/policies/issuable_policy.rb b/app/policies/issuable_policy.rb index 3f6d7d04667..b431d376e3d 100644 --- a/app/policies/issuable_policy.rb +++ b/app/policies/issuable_policy.rb @@ -2,20 +2,6 @@ class IssuablePolicy < BasePolicy delegate { @subject.project } condition(:locked, scope: :subject, score: 0) { @subject.discussion_locked? } - - # We aren't checking `:read_issue` or `:read_merge_request` in this case - # because it could be possible for a user to see an issuable-iid - # (`:read_issue_iid` or `:read_merge_request_iid`) but then wouldn't be allowed - # to read the actual issue after a more expensive `:read_issue` check. - # - # `:read_issue` & `:read_issue_iid` could diverge in gitlab-ee. - condition(:visible_to_user, score: 4) do - Project.where(id: @subject.project) - .public_or_visible_to_user(@user) - .with_feature_available_for_user(@subject, @user) - .any? - end - condition(:is_project_member) { @user && @subject.project && @subject.project.team.member?(@user) } desc "User is the assignee or author" @@ -32,9 +18,7 @@ class IssuablePolicy < BasePolicy rule { locked & ~is_project_member }.policy do prevent :create_note - prevent :update_note prevent :admin_note prevent :resolve_note - prevent :edit_note end end |