diff options
| author | Mayra Cabrera <mcabrera@gitlab.com> | 2018-04-03 16:34:56 -0500 |
|---|---|---|
| committer | Mayra Cabrera <mcabrera@gitlab.com> | 2018-04-06 21:20:16 -0500 |
| commit | 7deab3172257bef7818ce834c1e0709432ddd5e0 (patch) | |
| tree | f524ab35e59ac478572a444bea1f847accad410b /app/policies/project_policy.rb | |
| parent | 726f5bbf04b92357a11af34044a0720092797a71 (diff) | |
| download | gitlab-ce-7deab3172257bef7818ce834c1e0709432ddd5e0.tar.gz | |
Removes logic from Jwt and handle different scenarios on Gitlab::Auth
- When using 'read_repo' password and project are sent, so we used both
of them to fetch for the token
- When using 'read_registry' only the password is sent, so we only use
that for fetching the token
Diffstat (limited to 'app/policies/project_policy.rb')
| -rw-r--r-- | app/policies/project_policy.rb | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb index b1ed034cd00..2f9dd0384bc 100644 --- a/app/policies/project_policy.rb +++ b/app/policies/project_policy.rb @@ -143,9 +143,9 @@ class ProjectPolicy < BasePolicy end # These abilities are not allowed to admins that are not members of the project, - # that's why they are defined separatly. + # that's why they are defined separately. rule { guest & can?(:download_code) }.enable :build_download_code - rule { guest & can?(:read_container_image) }.enable :build_read_container_image + rule { guest & can?(:read_container_image) }.enable :project_read_container_image rule { can?(:reporter_access) }.policy do enable :download_code @@ -179,7 +179,7 @@ class ProjectPolicy < BasePolicy enable :fork_project enable :build_download_code - enable :build_read_container_image + enable :project_read_container_image enable :request_access end |