Make GitLab pages support access control

author: Tuomo Ala-Vannesluoma <tuomoav@gmail.com> 2018-10-05 13:41:11 +0000
committer: Nick Thomas <nick@gitlab.com> 2018-10-05 13:41:11 +0000
commit: c84b60b1645950a30fdbc37c9065a200dc750d90 (patch)
tree: 76d523f37481fa1422f63e96e2a1777d48060b9c /app/policies
parent: c972f2e459a6b45852a3d4e76566cdf772a6764a (diff)
download: gitlab-ce-c84b60b1645950a30fdbc37c9065a200dc750d90.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index f2c246cd969..a76a083bceb 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -110,6 +110,7 @@ class ProjectPolicy < BasePolicy
     snippets
     wiki
     builds
+    pages
   ]
 
   features.each do |f|
@@ -167,6 +168,7 @@ class ProjectPolicy < BasePolicy
     enable :upload_file
     enable :read_cycle_analytics
     enable :award_emoji
+    enable :read_pages_content
   end
 
   # These abilities are not allowed to admins that are not members of the project,
@@ -286,6 +288,8 @@ class ProjectPolicy < BasePolicy
     prevent(*create_read_update_admin_destroy(:merge_request))
   end
 
+  rule { pages_disabled }.prevent :read_pages_content
+
   rule { issues_disabled & merge_requests_disabled }.policy do
     prevent(*create_read_update_admin_destroy(:label))
     prevent(*create_read_update_admin_destroy(:milestone))
@@ -345,6 +349,7 @@ class ProjectPolicy < BasePolicy
     enable :download_code
     enable :download_wiki_code
     enable :read_cycle_analytics
+    enable :read_pages_content
 
     # NOTE: may be overridden by IssuePolicy
     enable :read_issue
author	Tuomo Ala-Vannesluoma <tuomoav@gmail.com>	2018-10-05 13:41:11 +0000
committer	Nick Thomas <nick@gitlab.com>	2018-10-05 13:41:11 +0000
commit	c84b60b1645950a30fdbc37c9065a200dc750d90 (patch)
tree	76d523f37481fa1422f63e96e2a1777d48060b9c /app/policies
parent	c972f2e459a6b45852a3d4e76566cdf772a6764a (diff)
download	gitlab-ce-c84b60b1645950a30fdbc37c9065a200dc750d90.tar.gz