diff options
author | Jarka Kadlecova <jarka@gitlab.com> | 2017-09-01 14:03:57 +0200 |
---|---|---|
committer | Jarka Kadlecova <jarka@gitlab.com> | 2017-09-14 14:50:32 +0200 |
commit | 994e7d135947ca162c147c5e0992a0190de22808 (patch) | |
tree | cd9ea4d93269c8597541f8c59e89a83ca2b56d2b /app/policies | |
parent | 2b82f907abf2074ac332531d6142893d081f44b9 (diff) | |
download | gitlab-ce-994e7d135947ca162c147c5e0992a0190de22808.tar.gz |
Create system notes for MR too, improve doc + clean up code
Diffstat (limited to 'app/policies')
-rw-r--r-- | app/policies/issuable_policy.rb | 11 | ||||
-rw-r--r-- | app/policies/note_policy.rb | 10 |
2 files changed, 10 insertions, 11 deletions
diff --git a/app/policies/issuable_policy.rb b/app/policies/issuable_policy.rb index 212f4989557..f0aa16d2ecf 100644 --- a/app/policies/issuable_policy.rb +++ b/app/policies/issuable_policy.rb @@ -1,7 +1,8 @@ class IssuablePolicy < BasePolicy delegate { @subject.project } - condition(:locked) { @subject.discussion_locked? } + condition(:locked, scope: :subject, score: 0) { @subject.discussion_locked? } + condition(:is_project_member) { @user && @subject.project && @subject.project.team.member?(@user) } desc "User is the assignee or author" @@ -16,5 +17,11 @@ class IssuablePolicy < BasePolicy enable :update_merge_request end - rule { locked & ~is_project_member }.prevent :create_note + rule { locked & ~is_project_member }.policy do + prevent :create_note + prevent :update_note + prevent :admin_note + prevent :resolve_note + prevent :edit_note + end end diff --git a/app/policies/note_policy.rb b/app/policies/note_policy.rb index 307c514a74b..d4cb5a77e63 100644 --- a/app/policies/note_policy.rb +++ b/app/policies/note_policy.rb @@ -1,19 +1,17 @@ class NotePolicy < BasePolicy delegate { @subject.project } + delegate { @subject.noteable if @subject.noteable.lockable? } condition(:is_author) { @user && @subject.author == @user } - condition(:is_project_member) { @user && @subject.project && @subject.project.team.member?(@user) } condition(:for_merge_request, scope: :subject) { @subject.for_merge_request? } condition(:is_noteable_author) { @user && @subject.noteable.author_id == @user.id } condition(:editable, scope: :subject) { @subject.editable? } - condition(:locked) { [MergeRequest, Issue].include?(@subject.noteable.class) && @subject.noteable.discussion_locked? } rule { ~editable | anonymous }.prevent :edit_note rule { is_author | admin }.enable :edit_note rule { can?(:master_access) }.enable :edit_note - rule { locked & ~is_author & ~is_project_member }.prevent :edit_note rule { is_author }.policy do enable :read_note @@ -25,10 +23,4 @@ class NotePolicy < BasePolicy rule { for_merge_request & is_noteable_author }.policy do enable :resolve_note end - - rule { locked & ~is_project_member }.policy do - prevent :update_note - prevent :admin_note - prevent :resolve_note - end end |