diff options
| -rw-r--r-- | app/controllers/projects/pages_controller.rb | 3 | ||||
| -rw-r--r-- | app/policies/project_policy.rb | 2 | ||||
| -rw-r--r-- | app/views/projects/pages/_destroy.haml | 2 | ||||
| -rw-r--r-- | app/views/projects/pages/_list.html.haml | 2 | ||||
| -rw-r--r-- | app/views/projects/pages/_no_domains.html.haml | 13 | ||||
| -rw-r--r-- | app/views/projects/pages/show.html.haml | 2 | ||||
| -rw-r--r-- | doc/user/permissions.md | 3 |
7 files changed, 18 insertions, 9 deletions
diff --git a/app/controllers/projects/pages_controller.rb b/app/controllers/projects/pages_controller.rb index b73f998392d..fbd18b68141 100644 --- a/app/controllers/projects/pages_controller.rb +++ b/app/controllers/projects/pages_controller.rb @@ -1,7 +1,8 @@ class Projects::PagesController < Projects::ApplicationController layout 'project_settings' - before_action :authorize_update_pages! + before_action :authorize_read_pages!, only: [:show] + before_action :authorize_update_pages!, except: [:show] def show @domains = @project.pages_domains.order(:domain) diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb index ca5b39a001f..f5fd50745aa 100644 --- a/app/policies/project_policy.rb +++ b/app/policies/project_policy.rb @@ -110,6 +110,8 @@ class ProjectPolicy < BasePolicy can! :admin_pipeline can! :admin_environment can! :admin_deployment + can! :admin_pages + can! :read_pages can! :update_pages end diff --git a/app/views/projects/pages/_destroy.haml b/app/views/projects/pages/_destroy.haml index 0cd25f82cd4..896a86712a1 100644 --- a/app/views/projects/pages/_destroy.haml +++ b/app/views/projects/pages/_destroy.haml @@ -7,3 +7,5 @@ Removing the pages will prevent from exposing them to outside world. .form-actions = link_to 'Remove pages', namespace_project_pages_path(@project.namespace, @project), data: { confirm: 'Are you sure?'}, method: :delete, class: "btn btn-remove" +- else + .nothing-here-block Only the project owner can remove pages diff --git a/app/views/projects/pages/_list.html.haml b/app/views/projects/pages/_list.html.haml index c1a6948a574..4f2dd1a1398 100644 --- a/app/views/projects/pages/_list.html.haml +++ b/app/views/projects/pages/_list.html.haml @@ -1,4 +1,4 @@ -- if @domains.any? +- if can?(current_user, :update_pages, @project) && @domains.any? .panel.panel-default .panel-heading Domains (#{@domains.count}) diff --git a/app/views/projects/pages/_no_domains.html.haml b/app/views/projects/pages/_no_domains.html.haml index 5a18740346a..7cea5f3e70b 100644 --- a/app/views/projects/pages/_no_domains.html.haml +++ b/app/views/projects/pages/_no_domains.html.haml @@ -1,6 +1,7 @@ -.panel.panel-default - .panel-heading - Domains - .nothing-here-block - Support for domains and certificates is disabled. - Ask your system's administrator to enable it. +- if can?(current_user, :update_pages, @project) + .panel.panel-default + .panel-heading + Domains + .nothing-here-block + Support for domains and certificates is disabled. + Ask your system's administrator to enable it. diff --git a/app/views/projects/pages/show.html.haml b/app/views/projects/pages/show.html.haml index f4ca33f418b..b6595269b06 100644 --- a/app/views/projects/pages/show.html.haml +++ b/app/views/projects/pages/show.html.haml @@ -2,7 +2,7 @@ %h3.page_title Pages - - if Gitlab.config.pages.external_http || Gitlab.config.pages.external_https + - if can?(current_user, :update_pages, @project) && (Gitlab.config.pages.external_http || Gitlab.config.pages.external_https) = link_to new_namespace_project_pages_domain_path(@project.namespace, @project), class: 'btn btn-new pull-right', title: 'New Domain' do %i.fa.fa-plus New Domain diff --git a/doc/user/permissions.md b/doc/user/permissions.md index 678fc3ffd1f..e87cae092a5 100644 --- a/doc/user/permissions.md +++ b/doc/user/permissions.md @@ -62,11 +62,14 @@ The following table depicts the various user permission levels in a project. | Manage runners | | | | ✓ | ✓ | | Manage build triggers | | | | ✓ | ✓ | | Manage variables | | | | ✓ | ✓ | +| Manage pages | | | | ✓ | ✓ | +| Manage pages domains and certificates | | | | ✓ | ✓ | | Switch visibility level | | | | | ✓ | | Transfer project to another namespace | | | | | ✓ | | Remove project | | | | | ✓ | | Force push to protected branches [^3] | | | | | | | Remove protected branches [^3] | | | | | | +| Remove pages | | | | | ✓ | ## Group |