diff options
| -rw-r--r-- | app/models/concerns/protected_ref_access.rb | 2 | ||||
| -rw-r--r-- | app/models/protected_ref_matcher.rb | 4 | ||||
| -rw-r--r-- | changelogs/unreleased/18471-restrict-tag-pushes-protected-tags.yml | 2 |
3 files changed, 5 insertions, 3 deletions
diff --git a/app/models/concerns/protected_ref_access.rb b/app/models/concerns/protected_ref_access.rb index 0c7e5157cdf..c4f158e569a 100644 --- a/app/models/concerns/protected_ref_access.rb +++ b/app/models/concerns/protected_ref_access.rb @@ -11,7 +11,7 @@ module ProtectedRefAccess end def check_access(user) - return true if user.is_admin? + return true if user.admin? project.team.max_member_access(user.id) >= access_level end diff --git a/app/models/protected_ref_matcher.rb b/app/models/protected_ref_matcher.rb index 83f44240259..d970f2b01fc 100644 --- a/app/models/protected_ref_matcher.rb +++ b/app/models/protected_ref_matcher.rb @@ -4,7 +4,7 @@ class ProtectedRefMatcher end # Returns all protected refs that match the given ref name. - # This realizes all records from the scope built up so far, and does + # This checks all records from the scope built up so far, and does # _not_ return a relation. # # This method optionally takes in a list of `protected_refs` to search @@ -38,6 +38,8 @@ class ProtectedRefMatcher end def wildcard_match?(ref_name) + return false unless wildcard? + wildcard_regex === ref_name end diff --git a/changelogs/unreleased/18471-restrict-tag-pushes-protected-tags.yml b/changelogs/unreleased/18471-restrict-tag-pushes-protected-tags.yml index c6ea5da65a5..fabe24e485a 100644 --- a/changelogs/unreleased/18471-restrict-tag-pushes-protected-tags.yml +++ b/changelogs/unreleased/18471-restrict-tag-pushes-protected-tags.yml @@ -1,4 +1,4 @@ --- -title: Protected Tags feature +title: Tags can be protected, restricting creation of matching tags by user role merge_request: 10356 author: |