diff options
author | Bob Van Landuyt <bob@vanlanduyt.co> | 2018-03-06 23:30:47 +0100 |
---|---|---|
committer | Bob Van Landuyt <bob@vanlanduyt.co> | 2018-03-07 16:59:17 +0100 |
commit | 9aabd8fd5ecb4090515db48692f3d064624aec0a (patch) | |
tree | 318418b94d97bc846e6e00ed782181cfd26e9487 /lib | |
parent | 9b27027619580bffeffa88965007c2c29ac9648c (diff) | |
download | gitlab-ce-9aabd8fd5ecb4090515db48692f3d064624aec0a.tar.gz |
Limit queries to a user-branch combination
The query becomes a lot simpler if we can check the branch name as
well instead of having to load all branch names.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/gitlab/checks/change_access.rb | 7 | ||||
-rw-r--r-- | lib/gitlab/user_access.rb | 4 |
2 files changed, 7 insertions, 4 deletions
diff --git a/lib/gitlab/checks/change_access.rb b/lib/gitlab/checks/change_access.rb index 87e9e47b21a..51ba09aa129 100644 --- a/lib/gitlab/checks/change_access.rb +++ b/lib/gitlab/checks/change_access.rb @@ -47,7 +47,7 @@ module Gitlab protected def push_checks - if user_access.cannot_do_action?(:push_to_repo) + unless can_push? raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:push_code] end end @@ -183,6 +183,11 @@ module Gitlab def commits @commits ||= project.repository.new_commits(newrev) end + + def can_push? + user_access.can_do_action?(:push_code) || + user_access.can_push_to_branch?(branch_name) + end end end end diff --git a/lib/gitlab/user_access.rb b/lib/gitlab/user_access.rb index fa32776d9f8..fd68b9f2b48 100644 --- a/lib/gitlab/user_access.rb +++ b/lib/gitlab/user_access.rb @@ -70,10 +70,8 @@ module Gitlab protected_branch_accessible_to?(ref, action: :push) elsif user.can?(:push_code, project) true - elsif user.can?(:push_single_branch, project) - project.branches_allowing_maintainer_access_to_user(user).include?(ref) else - false + project.branch_allows_maintainer_push?(user, ref) end end |