diff options
| author | Lin Jen-Shin <godfat@godfat.org> | 2016-11-03 20:43:24 +0800 |
|---|---|---|
| committer | Lin Jen-Shin <godfat@godfat.org> | 2016-11-03 20:43:24 +0800 |
| commit | b0af0ab62fa7b0b64443e510ed388cef83db996d (patch) | |
| tree | 4c8f383a9e79c8ad747962545a171f6a1c59c51f /app/policies | |
| parent | 9176a19e3d858a6d64a2254260febe000474af6d (diff) | |
| parent | ca1096e77f1f44089cd8e37e2fe7fa392571542f (diff) | |
| download | gitlab-ce-b0af0ab62fa7b0b64443e510ed388cef83db996d.tar.gz | |
Merge remote-tracking branch 'upstream/master' into pipeline-notifications
* upstream/master: (26 commits)
Add a `--force` option to bin/changelog
Update examples in changelog docs to use single quotes around title
Use the server's base URL without relative URL part when creating links in JIRA
Make ESLint ignore instrumented files for coverage analysis (!7236)
Check that JavaScript file names match convention (!7238)
Removed z-index for filters on issue boards
GitLab 8.13 not 13
Replace MR Description Format links
Fix gdb backtrace command
Update gitlab.yml.example
remove extra spaces from app/workers/post_receive.rb
Add Rake task to create/repair GitLab Shell hooks symlinks
Added guide for upgrading Postgres using Slony
Ensure hook tokens are write-only in the API
Add support for token attr in project hooks API
Add a CHANGELOG entry
Fix edit button wiki
Updated Sortable JS plugin
Allow owners to fetch source code in CI builds
fixes milestone dropdown not select issue
...
Diffstat (limited to 'app/policies')
| -rw-r--r-- | app/policies/project_policy.rb | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb index fbb3d4507d6..1ee31023e26 100644 --- a/app/policies/project_policy.rb +++ b/app/policies/project_policy.rb @@ -2,11 +2,11 @@ class ProjectPolicy < BasePolicy def rules team_access!(user) - owner = user.admin? || - project.owner == user || + owner = project.owner == user || (project.group && project.group.has_owner?(user)) - owner_access! if owner + owner_access! if user.admin? || owner + team_member_owner_access! if owner if project.public? || (project.internal? && !user.external?) guest_access! @@ -16,7 +16,7 @@ class ProjectPolicy < BasePolicy can! :read_build if project.public_builds? if project.request_access_enabled && - !(owner || project.team.member?(user) || project_group_member?(user)) + !(owner || user.admin? || project.team.member?(user) || project_group_member?(user)) can! :request_access end end @@ -135,6 +135,10 @@ class ProjectPolicy < BasePolicy can! :destroy_issue end + def team_member_owner_access! + team_member_reporter_access! + end + # Push abilities on the users team role def team_access!(user) access = project.team.max_member_access(user.id) |