Add latest changes from gitlab-org/security/gitlab@14-8-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2022-02-25 16:30:40 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2022-02-25 16:30:40 +0000
commit: b485c8c3723dc5aaba15ab9fa258010d1ec66d61 (patch)
tree: 36cd2260b2f31bc77ad313b644e5784160ce9104 /app/services
parent: 479d579719c36f1b8706165c20f4525bc32bb451 (diff)
download: gitlab-ce-b485c8c3723dc5aaba15ab9fa258010d1ec66d61.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/app/services/members/create_service.rb b/app/services/members/create_service.rb
index dc29bb2c6da..758fa2e67f1 100644
--- a/app/services/members/create_service.rb
+++ b/app/services/members/create_service.rb
@@ -19,6 +19,8 @@ module Members
     end
 
     def execute
+      raise Gitlab::Access::AccessDeniedError unless can?(current_user, create_member_permission(source), source)
+
       validate_invite_source!
       validate_invitable!
 
@@ -156,6 +158,17 @@ module Members
         })
       )
     end
+
+    def create_member_permission(source)
+      case source
+      when Group
+        :admin_group_member
+      when Project
+        :admin_project_member
+      else
+        raise "Unknown source type: #{source.class}!"
+      end
+    end
   end
 end
author	GitLab Bot <gitlab-bot@gitlab.com>	2022-02-25 16:30:40 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2022-02-25 16:30:40 +0000
commit	b485c8c3723dc5aaba15ab9fa258010d1ec66d61 (patch)
tree	36cd2260b2f31bc77ad313b644e5784160ce9104 /app/services
parent	479d579719c36f1b8706165c20f4525bc32bb451 (diff)
download	gitlab-ce-b485c8c3723dc5aaba15ab9fa258010d1ec66d61.tar.gz