Add latest changes from gitlab-org/security/gitlab@14-1-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-08-02 22:29:43 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-08-02 22:29:43 +0000
commit: c7c74818948dbc63a284bb617b2af1937f999cc8 (patch)
tree: e34c4d4103dca7b2877e766f540415d4cf10a085 /app/policies/personal_access_token_policy.rb
parent: 6cb0610108a079ae27d96d61c48216a9f3b0c476 (diff)
download: gitlab-ce-c7c74818948dbc63a284bb617b2af1937f999cc8.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/app/policies/personal_access_token_policy.rb b/app/policies/personal_access_token_policy.rb
index 1e5404b7822..31c973f575b 100644
--- a/app/policies/personal_access_token_policy.rb
+++ b/app/policies/personal_access_token_policy.rb
@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 class PersonalAccessTokenPolicy < BasePolicy
-  condition(:is_owner) { user && subject.user_id == user.id }
+  condition(:is_owner) { user && subject.user_id == user.id && !subject.impersonation }
 
   rule { (is_owner | admin) & ~blocked }.policy do
     enable :read_token
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-08-02 22:29:43 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-08-02 22:29:43 +0000
commit	c7c74818948dbc63a284bb617b2af1937f999cc8 (patch)
tree	e34c4d4103dca7b2877e766f540415d4cf10a085 /app/policies/personal_access_token_policy.rb
parent	6cb0610108a079ae27d96d61c48216a9f3b0c476 (diff)
download	gitlab-ce-c7c74818948dbc63a284bb617b2af1937f999cc8.tar.gz