diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-12-20 14:22:11 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-12-20 14:22:11 +0000 |
commit | 0c872e02b2c822e3397515ec324051ff540f0cd5 (patch) | |
tree | ce2fb6ce7030e4dad0f4118d21ab6453e5938cdd /app/policies/note_policy.rb | |
parent | f7e05a6853b12f02911494c4b3fe53d9540d74fc (diff) | |
download | gitlab-ce-0c872e02b2c822e3397515ec324051ff540f0cd5.tar.gz |
Add latest changes from gitlab-org/gitlab@15-7-stable-eev15.7.0-rc42
Diffstat (limited to 'app/policies/note_policy.rb')
-rw-r--r-- | app/policies/note_policy.rb | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/app/policies/note_policy.rb b/app/policies/note_policy.rb index 67b57595beb..9fd95bbe42d 100644 --- a/app/policies/note_policy.rb +++ b/app/policies/note_policy.rb @@ -20,12 +20,20 @@ class NotePolicy < BasePolicy condition(:confidential, scope: :subject) { @subject.confidential? } + # if noteable is a work item it needs to check the notes widget availability + condition(:notes_widget_enabled, scope: :subject) do + !@subject.noteable.respond_to?(:work_item_type) || + @subject.noteable.work_item_type.widgets.include?(::WorkItems::Widgets::Notes) + end + # Should be matched with IssuablePolicy#read_internal_note # and EpicPolicy#read_internal_note condition(:can_read_confidential) do access_level >= Gitlab::Access::REPORTER || admin? end + rule { ~notes_widget_enabled }.prevent_all + rule { ~editable }.prevent :admin_note # If user can't read the issue/MR/etc then they should not be allowed to do anything to their own notes |