diff options
author | Jose Ivan Vargas <jvargas@gitlab.com> | 2017-09-13 12:21:33 -0500 |
---|---|---|
committer | Jose Ivan Vargas <jvargas@gitlab.com> | 2017-09-13 12:21:33 -0500 |
commit | 4c0beb6c024b25ff24c7c2ea966bacab0ee860d5 (patch) | |
tree | f3e61556a1cc9132f439d222dca9d6366eb8a6ca /app/services/groups/create_service.rb | |
parent | 2d58626a33bc0d4e78eaf0c25965d18a6239fa3b (diff) | |
parent | 33010da28b0f2e00e96cc4bf6c439363905a81d5 (diff) | |
download | gitlab-ce-4c0beb6c024b25ff24c7c2ea966bacab0ee860d5.tar.gz |
Merge branch 'master' into sh-headless-chrome-support
Diffstat (limited to 'app/services/groups/create_service.rb')
-rw-r--r-- | app/services/groups/create_service.rb | 38 |
1 files changed, 29 insertions, 9 deletions
diff --git a/app/services/groups/create_service.rb b/app/services/groups/create_service.rb index c7c27621085..70e50aa0f12 100644 --- a/app/services/groups/create_service.rb +++ b/app/services/groups/create_service.rb @@ -8,15 +8,7 @@ module Groups def execute @group = Group.new(params) - unless Gitlab::VisibilityLevel.allowed_for?(current_user, params[:visibility_level]) - deny_visibility_level(@group) - return @group - end - - if @group.parent && !can?(current_user, :create_subgroup, @group.parent) - @group.parent = nil - @group.errors.add(:parent_id, 'You don’t have permission to create a subgroup in this group.') - + unless can_use_visibility_level? && can_create_group? return @group end @@ -39,5 +31,33 @@ module Groups def create_chat_team? Gitlab.config.mattermost.enabled && @chat_team && group.chat_team.nil? end + + def can_create_group? + if @group.subgroup? + unless can?(current_user, :create_subgroup, @group.parent) + @group.parent = nil + @group.errors.add(:parent_id, 'You don’t have permission to create a subgroup in this group.') + + return false + end + else + unless can?(current_user, :create_group) + @group.errors.add(:base, 'You don’t have permission to create groups.') + + return false + end + end + + true + end + + def can_use_visibility_level? + unless Gitlab::VisibilityLevel.allowed_for?(current_user, params[:visibility_level]) + deny_visibility_level(@group) + return false + end + + true + end end end |