diff options
| author | Douglas Barbosa Alexandre <dbalexandre@gmail.com> | 2016-09-20 15:50:11 -0300 |
|---|---|---|
| committer | Douglas Barbosa Alexandre <dbalexandre@gmail.com> | 2016-10-19 14:58:24 -0200 |
| commit | 32c663ff248f6ad2f2fa10fd2e81d6535fb88fd6 (patch) | |
| tree | dfa2dbe7044f47b1d3f80979e12364f25308c7ef /app | |
| parent | 701544fb48a5add0cc7cbba729e6438d7a040385 (diff) | |
| download | gitlab-ce-32c663ff248f6ad2f2fa10fd2e81d6535fb88fd6.tar.gz | |
Use policies to handle with global/project label permissions
Diffstat (limited to 'app')
| -rw-r--r-- | app/helpers/labels_helper.rb | 10 | ||||
| -rw-r--r-- | app/policies/group_label_policy.rb | 5 | ||||
| -rw-r--r-- | app/policies/label_policy.rb | 7 | ||||
| -rw-r--r-- | app/views/shared/_label.html.haml | 4 |
4 files changed, 14 insertions, 12 deletions
diff --git a/app/helpers/labels_helper.rb b/app/helpers/labels_helper.rb index 65fc460c670..c14caa5e387 100644 --- a/app/helpers/labels_helper.rb +++ b/app/helpers/labels_helper.rb @@ -54,16 +54,6 @@ module LabelsHelper end end - def can_admin_label(label) - subject = - case label - when GroupLabel then label.group - else label.project - end - - can?(current_user, :admin_label, subject) - end - def edit_label_path(label) case label when GroupLabel then edit_group_label_path(label.group, label) diff --git a/app/policies/group_label_policy.rb b/app/policies/group_label_policy.rb new file mode 100644 index 00000000000..4d4052c5800 --- /dev/null +++ b/app/policies/group_label_policy.rb @@ -0,0 +1,5 @@ +class GroupLabelPolicy < BasePolicy + def rules + can! :admin_label if Ability.allowed?(@user, :admin_label, @subject.group) + end +end diff --git a/app/policies/label_policy.rb b/app/policies/label_policy.rb new file mode 100644 index 00000000000..1677ad7f1bb --- /dev/null +++ b/app/policies/label_policy.rb @@ -0,0 +1,7 @@ +class LabelPolicy < BasePolicy + def rules + return unless @user + + can! :admin_label if Ability.allowed?(@user, :admin_label, @subject.project) + end +end diff --git a/app/views/shared/_label.html.haml b/app/views/shared/_label.html.haml index 13795807ab8..c0b912b0584 100644 --- a/app/views/shared/_label.html.haml +++ b/app/views/shared/_label.html.haml @@ -21,7 +21,7 @@ %li.label-subscription{ data: { url: toggle_subscription_label_path(label) } } %a.js-subscribe-button.label-subscribe-button.subscription-status{ role: "button", href: "#", data: { toggle: "tooltip", status: label_subscription_status(label) } } %span= label_subscription_toggle_button_text(label) - - if can_admin_label(label) + - if can?(current_user, :admin_label, label) %li = link_to 'Edit', edit_label_path(label) %li @@ -40,7 +40,7 @@ = icon('eye', class: 'label-subscribe-button-icon') = icon('spinner spin', class: 'label-subscribe-button-loading') - - if can_admin_label(label) + - if can?(current_user, :admin_label, label) = link_to edit_label_path(label), title: "Edit", class: 'btn btn-transparent btn-action', data: {toggle: "tooltip"} do %span.sr-only Edit = icon('pencil-square-o') |