summaryrefslogtreecommitdiff
path: root/app/policies
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2020-02-06 12:10:29 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2020-02-06 12:10:29 +0000
commit5564275a0b378298dc6281599cbfe71a937109ff (patch)
treea468e1e60046356410219c35c23a8a428c5e2c5e /app/policies
parentd87918510a866a5fcbbc2f899ad65c6938ebf5f5 (diff)
downloadgitlab-ce-5564275a0b378298dc6281599cbfe71a937109ff.tar.gz
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/policies')
-rw-r--r--app/policies/base_policy.rb3
-rw-r--r--app/policies/concerns/policy_actor.rb4
-rw-r--r--app/policies/project_policy.rb2
3 files changed, 9 insertions, 0 deletions
diff --git a/app/policies/base_policy.rb b/app/policies/base_policy.rb
index c93a19bdc3d..ce3e5b0195c 100644
--- a/app/policies/base_policy.rb
+++ b/app/policies/base_policy.rb
@@ -44,6 +44,9 @@ class BasePolicy < DeclarativePolicy::Base
::Gitlab::ExternalAuthorization.perform_check?
end
+ with_options scope: :user, score: 0
+ condition(:alert_bot) { @user&.alert_bot? }
+
rule { external_authorization_enabled & ~can?(:read_all_resources) }.policy do
prevent :read_cross_project
end
diff --git a/app/policies/concerns/policy_actor.rb b/app/policies/concerns/policy_actor.rb
index b963a64b429..406677d7b56 100644
--- a/app/policies/concerns/policy_actor.rb
+++ b/app/policies/concerns/policy_actor.rb
@@ -33,6 +33,10 @@ module PolicyActor
def can_create_group
false
end
+
+ def alert_bot?
+ false
+ end
end
PolicyActor.prepend_if_ee('EE::PolicyActor')
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index bbcb3c637a9..ee22a2d84e7 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -515,6 +515,8 @@ class ProjectPolicy < BasePolicy
end
def lookup_access_level!
+ return ::Gitlab::Access::REPORTER if alert_bot?
+
# NOTE: max_member_access has its own cache
project.team.max_member_access(@user.id)
end