diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-11-19 08:27:35 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-11-19 08:27:35 +0000 |
| commit | 7e9c479f7de77702622631cff2628a9c8dcbc627 (patch) | |
| tree | c8f718a08e110ad7e1894510980d2155a6549197 /app/policies/note_policy.rb | |
| parent | e852b0ae16db4052c1c567d9efa4facc81146e88 (diff) | |
| download | gitlab-ce-7e9c479f7de77702622631cff2628a9c8dcbc627.tar.gz | |
Add latest changes from gitlab-org/gitlab@13-6-stable-eev13.6.0-rc42
Diffstat (limited to 'app/policies/note_policy.rb')
| -rw-r--r-- | app/policies/note_policy.rb | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/app/policies/note_policy.rb b/app/policies/note_policy.rb index 2217aa1326c..2bf6b6c3161 100644 --- a/app/policies/note_policy.rb +++ b/app/policies/note_policy.rb @@ -7,13 +7,15 @@ class NotePolicy < BasePolicy delegate { @subject.noteable if DeclarativePolicy.has_policy?(@subject.noteable) } condition(:is_author) { @user && @subject.author == @user } - condition(:is_noteable_author) { @user && @subject.noteable.author_id == @user.id } + condition(:is_noteable_author) { @user && @subject.noteable.try(:author_id) == @user.id } condition(:editable, scope: :subject) { @subject.editable? } condition(:can_read_noteable) { can?(:"read_#{@subject.noteable_ability_name}") } condition(:commit_is_deleted) { @subject.for_commit? && @subject.noteable.blank? } + condition(:for_design) { @subject.for_design? } + condition(:is_visible) { @subject.system_note_with_references_visible_for?(@user) } condition(:confidential, scope: :subject) { @subject.confidential? } @@ -28,6 +30,7 @@ class NotePolicy < BasePolicy rule { ~can_read_noteable }.policy do prevent :admin_note prevent :resolve_note + prevent :reposition_note prevent :award_emoji end @@ -46,6 +49,7 @@ class NotePolicy < BasePolicy prevent :read_note prevent :admin_note prevent :resolve_note + prevent :reposition_note prevent :award_emoji end @@ -57,9 +61,14 @@ class NotePolicy < BasePolicy prevent :read_note prevent :admin_note prevent :resolve_note + prevent :reposition_note prevent :award_emoji end + rule { can?(:admin_note) | (for_design & can?(:create_note)) }.policy do + enable :reposition_note + end + def parent_namespace strong_memoize(:parent_namespace) do next if @subject.is_a?(PersonalSnippet) |