diff options
-rw-r--r-- | app/controllers/projects/hooks_controller.rb | 3 | ||||
-rw-r--r-- | app/controllers/projects/snippets_controller.rb | 2 | ||||
-rw-r--r-- | app/controllers/projects/team_members_controller.rb | 3 | ||||
-rw-r--r-- | app/controllers/projects_controller.rb | 6 | ||||
-rw-r--r-- | app/models/ability.rb | 2 | ||||
-rw-r--r-- | app/models/group.rb | 4 | ||||
-rw-r--r-- | app/views/projects/_clone_panel.html.haml | 67 |
7 files changed, 44 insertions, 43 deletions
diff --git a/app/controllers/projects/hooks_controller.rb b/app/controllers/projects/hooks_controller.rb index 3367ddb5d14..1a94dbab5ea 100644 --- a/app/controllers/projects/hooks_controller.rb +++ b/app/controllers/projects/hooks_controller.rb @@ -1,7 +1,6 @@ class Projects::HooksController < Projects::ApplicationController # Authorize - before_filter :authorize_read_project! - before_filter :authorize_admin_project!, only: [:new, :create, :destroy] + before_filter :authorize_admin_project! respond_to :html diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb index 59063103ecb..dd0c1a57089 100644 --- a/app/controllers/projects/snippets_controller.rb +++ b/app/controllers/projects/snippets_controller.rb @@ -14,8 +14,6 @@ class Projects::SnippetsController < Projects::ApplicationController # Allow destroy snippet before_filter :authorize_admin_project_snippet!, only: [:destroy] - layout 'projects' - respond_to :html def index diff --git a/app/controllers/projects/team_members_controller.rb b/app/controllers/projects/team_members_controller.rb index 6fee770cae2..b4b318fa59e 100644 --- a/app/controllers/projects/team_members_controller.rb +++ b/app/controllers/projects/team_members_controller.rb @@ -1,7 +1,6 @@ class Projects::TeamMembersController < Projects::ApplicationController # Authorize - before_filter :authorize_read_project! - before_filter :authorize_admin_project!, except: [:index, :show] + before_filter :authorize_admin_project! layout "project_settings" diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index f31fb666e3e..7264128691e 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -1,7 +1,7 @@ -class ProjectsController < Projects::ApplicationController +class ProjectsController < ApplicationController skip_before_filter :authenticate_user!, only: [:show] - skip_before_filter :project, only: [:new, :create] - skip_before_filter :repository, only: [:new, :create] + before_filter :project, except: [:new, :create] + before_filter :repository, except: [:new, :create] # Authorize before_filter :authorize_read_project!, except: [:index, :new, :create] diff --git a/app/models/ability.rb b/app/models/ability.rb index 26988c5e6a7..ad070dad296 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -154,7 +154,7 @@ class Ability def group_abilities user, group rules = [] - if group.users.include?(user) + if group.users.include?(user) || user.admin? rules << :read_group end diff --git a/app/models/group.rb b/app/models/group.rb index fce8d71217b..0b36c934375 100644 --- a/app/models/group.rb +++ b/app/models/group.rb @@ -32,6 +32,10 @@ class Group < Namespace end end + def add_user(user, group_access) + self.users_groups.create(user_id: user.id, group_access: group_access) + end + def change_owner(user) self.owner = user membership = users_groups.where(user_id: user.id).first diff --git a/app/views/projects/_clone_panel.html.haml b/app/views/projects/_clone_panel.html.haml index c5ab64505c6..c2f85e8ebe8 100644 --- a/app/views/projects/_clone_panel.html.haml +++ b/app/views/projects/_clone_panel.html.haml @@ -19,37 +19,38 @@ %i.icon-download-alt %span.only-wide Download - .dropdown.pull-right - %a.dropdown-toggle.btn{href: '#', "data-toggle" => "dropdown"} - %i.icon-plus-sign-alt - %span.only-wide New - %b.caret - %ul.dropdown-menu - - if @project.issues_enabled && can?(current_user, :write_issue, @project) - %li - = link_to url_for_new_issue, title: "New Issue" do - Issue - - if @project.merge_requests_enabled && can?(current_user, :write_merge_request, @project) - %li - = link_to new_project_merge_request_path(@project), title: "New Merge Request" do - Merge Request - - if @project.snippets_enabled && can?(current_user, :write_snippet, @project) - %li - = link_to new_project_snippet_path(@project), title: "New Snippet" do - Snippet - - if can? current_user, :push_code, @project - %li.divider - %li - = link_to new_project_branch_path(@project) do - %i.icon-code-fork - Git branch - %li - = link_to new_project_tag_path(@project) do - %i.icon-tag - Git tag + - if current_user + .dropdown.pull-right + %a.dropdown-toggle.btn{href: '#', "data-toggle" => "dropdown"} + %i.icon-plus-sign-alt + %span.only-wide New + %b.caret + %ul.dropdown-menu + - if @project.issues_enabled && can?(current_user, :write_issue, @project) + %li + = link_to url_for_new_issue, title: "New Issue" do + Issue + - if @project.merge_requests_enabled && can?(current_user, :write_merge_request, @project) + %li + = link_to new_project_merge_request_path(@project), title: "New Merge Request" do + Merge Request + - if @project.snippets_enabled && can?(current_user, :write_snippet, @project) + %li + = link_to new_project_snippet_path(@project), title: "New Snippet" do + Snippet + - if can? current_user, :push_code, @project + %li.divider + %li + = link_to new_project_branch_path(@project) do + %i.icon-code-fork + Git branch + %li + = link_to new_project_tag_path(@project) do + %i.icon-tag + Git tag - - if can?(current_user, :admin_team_member, @project) - %li.divider - %li - = link_to new_project_team_member_path(@project), title: "New project member" do - Project member + - if can?(current_user, :admin_team_member, @project) + %li.divider + %li + = link_to new_project_team_member_path(@project), title: "New project member" do + Project member |