Support discussion locking in the backend

1 files changed, 10 insertions, 0 deletions

diff --git a/app/policies/note_policy.rb b/app/policies/note_policy.rb
index 20cd51cfb99..5d51fbf4f4a 100644
--- a/app/policies/note_policy.rb
+++ b/app/policies/note_policy.rb
@@ -2,14 +2,18 @@ class NotePolicy < BasePolicy
   delegate { @subject.project }
 
   condition(:is_author) { @user && @subject.author == @user }
+  condition(:is_project_member) { @user && @subject.project && @subject.project.team.member?(@user) }
   condition(:for_merge_request, scope: :subject) { @subject.for_merge_request? }
   condition(:is_noteable_author) { @user && @subject.noteable.author_id == @user.id }
 
   condition(:editable, scope: :subject) { @subject.editable? }
+  condition(:locked) { @subject.noteable.discussion_locked? }
 
   rule { ~editable | anonymous }.prevent :edit_note
+
   rule { is_author | admin }.enable :edit_note
   rule { can?(:master_access) }.enable :edit_note
+  rule { locked & ~is_author & ~is_project_member }.prevent :edit_note
 
   rule { is_author }.policy do
     enable :read_note
@@ -21,4 +25,10 @@ class NotePolicy < BasePolicy
   rule { for_merge_request & is_noteable_author }.policy do
     enable :resolve_note
   end
+
+  rule { locked & ~is_project_member }.policy do
+    prevent :update_note
+    prevent :admin_note
+    prevent :resolve_note
+  end
 end