diff options
author | Douwe Maan <douwe@gitlab.com> | 2015-10-07 19:19:23 +0200 |
---|---|---|
committer | Douwe Maan <douwe@gitlab.com> | 2015-10-07 19:19:23 +0200 |
commit | 72afcbcd37f35e02544290977c2c91ae37c12c01 (patch) | |
tree | 71256f67f04a70b5b2fdff6ca99895341d2b9641 /lib/gitlab/markdown | |
parent | f42cfa9e8757161414f88e50d23b1d618bffad1f (diff) | |
download | gitlab-ce-72afcbcd37f35e02544290977c2c91ae37c12c01.tar.gz |
Always allow references to the current project
Diffstat (limited to 'lib/gitlab/markdown')
-rw-r--r-- | lib/gitlab/markdown/redactor_filter.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/markdown/reference_filter.rb | 7 | ||||
-rw-r--r-- | lib/gitlab/markdown/reference_gatherer_filter.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/markdown/user_reference_filter.rb | 2 |
4 files changed, 8 insertions, 5 deletions
diff --git a/lib/gitlab/markdown/redactor_filter.rb b/lib/gitlab/markdown/redactor_filter.rb index 07ea6207d22..a1f3a8a8ebf 100644 --- a/lib/gitlab/markdown/redactor_filter.rb +++ b/lib/gitlab/markdown/redactor_filter.rb @@ -26,7 +26,7 @@ module Gitlab reference_type = node.attr('data-reference-filter') reference_filter = reference_type.constantize - reference_filter.user_can_reference?(current_user, node) + reference_filter.user_can_reference?(current_user, node, context) else true end diff --git a/lib/gitlab/markdown/reference_filter.rb b/lib/gitlab/markdown/reference_filter.rb index ea6136b3303..8ad52479d3d 100644 --- a/lib/gitlab/markdown/reference_filter.rb +++ b/lib/gitlab/markdown/reference_filter.rb @@ -15,9 +15,12 @@ module Gitlab # Results: # :references - A Hash of references that were found and replaced. class ReferenceFilter < HTML::Pipeline::Filter - def self.user_can_reference?(user, node) + def self.user_can_reference?(user, node, context) if node.has_attribute?('data-project') - project = Project.find(node.attr('data-project')) rescue nil + project_id = node.attr('data-project').to_i + return true if project_id == context[:project].id + + project = Project.find(project_id) rescue nil Ability.abilities.allowed?(user, :read_project, project) else true diff --git a/lib/gitlab/markdown/reference_gatherer_filter.rb b/lib/gitlab/markdown/reference_gatherer_filter.rb index d64671e9550..171ff906da6 100644 --- a/lib/gitlab/markdown/reference_gatherer_filter.rb +++ b/lib/gitlab/markdown/reference_gatherer_filter.rb @@ -31,7 +31,7 @@ module Gitlab reference_type = node.attr('data-reference-filter') reference_filter = reference_type.constantize - return unless reference_filter.user_can_reference?(current_user, node) + return unless reference_filter.user_can_reference?(current_user, node, context) references = reference_filter.referenced_by(node) return unless references diff --git a/lib/gitlab/markdown/user_reference_filter.rb b/lib/gitlab/markdown/user_reference_filter.rb index 0d2be7499b7..4567e983692 100644 --- a/lib/gitlab/markdown/user_reference_filter.rb +++ b/lib/gitlab/markdown/user_reference_filter.rb @@ -42,7 +42,7 @@ module Gitlab end end - def self.user_can_reference?(user, node) + def self.user_can_reference?(user, node, context) if node.has_attribute?('data-group') group = Group.find(node.attr('data-group')) rescue nil Ability.abilities.allowed?(user, :read_group, group) |