summaryrefslogtreecommitdiff
path: root/app/contexts/projects/update_context.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/contexts/projects/update_context.rb')
-rw-r--r--app/contexts/projects/update_context.rb6
1 files changed, 5 insertions, 1 deletions
diff --git a/app/contexts/projects/update_context.rb b/app/contexts/projects/update_context.rb
index 9564dd94688..27d7a95724a 100644
--- a/app/contexts/projects/update_context.rb
+++ b/app/contexts/projects/update_context.rb
@@ -2,7 +2,11 @@ module Projects
class UpdateContext < BaseContext
def execute(role = :default)
params[:project].delete(:namespace_id)
- params[:project].delete(:public) unless can?(current_user, :change_public_mode, project)
+ # check that user is allowed to set specified visibility_level
+ unless can?(current_user, :change_visibility_level, project) && Gitlab::VisibilityLevel.allowed_for?(current_user, params[:project][:visibility_level])
+ params[:project].delete(:visibility_level)
+ end
+
new_branch = params[:project].delete(:default_branch)
if project.repository.exists? && new_branch != project.repository.root_ref
View Lorry Controller Status