diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-02 22:29:43 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-02 22:29:43 +0000 |
commit | c7c74818948dbc63a284bb617b2af1937f999cc8 (patch) | |
tree | e34c4d4103dca7b2877e766f540415d4cf10a085 /app/policies/personal_access_token_policy.rb | |
parent | 6cb0610108a079ae27d96d61c48216a9f3b0c476 (diff) | |
download | gitlab-ce-c7c74818948dbc63a284bb617b2af1937f999cc8.tar.gz |
Add latest changes from gitlab-org/security/gitlab@14-1-stable-ee
Diffstat (limited to 'app/policies/personal_access_token_policy.rb')
-rw-r--r-- | app/policies/personal_access_token_policy.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/policies/personal_access_token_policy.rb b/app/policies/personal_access_token_policy.rb index 1e5404b7822..31c973f575b 100644 --- a/app/policies/personal_access_token_policy.rb +++ b/app/policies/personal_access_token_policy.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true class PersonalAccessTokenPolicy < BasePolicy - condition(:is_owner) { user && subject.user_id == user.id } + condition(:is_owner) { user && subject.user_id == user.id && !subject.impersonation } rule { (is_owner | admin) & ~blocked }.policy do enable :read_token |