summaryrefslogtreecommitdiff
path: root/app/policies
diff options
context:
space:
mode:
authorTuomo Ala-Vannesluoma <tuomoav@gmail.com>2018-10-05 13:41:11 +0000
committerNick Thomas <nick@gitlab.com>2018-10-05 13:41:11 +0000
commitc84b60b1645950a30fdbc37c9065a200dc750d90 (patch)
tree76d523f37481fa1422f63e96e2a1777d48060b9c /app/policies
parentc972f2e459a6b45852a3d4e76566cdf772a6764a (diff)
downloadgitlab-ce-c84b60b1645950a30fdbc37c9065a200dc750d90.tar.gz
Make GitLab pages support access control
Diffstat (limited to 'app/policies')
-rw-r--r--app/policies/project_policy.rb5
1 files changed, 5 insertions, 0 deletions
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index f2c246cd969..a76a083bceb 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -110,6 +110,7 @@ class ProjectPolicy < BasePolicy
snippets
wiki
builds
+ pages
]
features.each do |f|
@@ -167,6 +168,7 @@ class ProjectPolicy < BasePolicy
enable :upload_file
enable :read_cycle_analytics
enable :award_emoji
+ enable :read_pages_content
end
# These abilities are not allowed to admins that are not members of the project,
@@ -286,6 +288,8 @@ class ProjectPolicy < BasePolicy
prevent(*create_read_update_admin_destroy(:merge_request))
end
+ rule { pages_disabled }.prevent :read_pages_content
+
rule { issues_disabled & merge_requests_disabled }.policy do
prevent(*create_read_update_admin_destroy(:label))
prevent(*create_read_update_admin_destroy(:milestone))
@@ -345,6 +349,7 @@ class ProjectPolicy < BasePolicy
enable :download_code
enable :download_wiki_code
enable :read_cycle_analytics
+ enable :read_pages_content
# NOTE: may be overridden by IssuePolicy
enable :read_issue