summaryrefslogtreecommitdiff
path: root/app/services/members/create_service.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/services/members/create_service.rb')
-rw-r--r--app/services/members/create_service.rb13
1 files changed, 13 insertions, 0 deletions
diff --git a/app/services/members/create_service.rb b/app/services/members/create_service.rb
index 8485e7cbafa..57d9da4cefd 100644
--- a/app/services/members/create_service.rb
+++ b/app/services/members/create_service.rb
@@ -22,6 +22,11 @@ module Members
def execute
raise Gitlab::Access::AccessDeniedError unless can?(current_user, create_member_permission(source), source)
+ # rubocop:disable Layout/EmptyLineAfterGuardClause
+ raise Gitlab::Access::AccessDeniedError if adding_at_least_one_owner &&
+ cannot_assign_owner_responsibilities_to_member_in_project?
+ # rubocop:enable Layout/EmptyLineAfterGuardClause
+
validate_invite_source!
validate_invitable!
@@ -45,6 +50,14 @@ module Members
attr_reader :source, :errors, :invites, :member_created_namespace_id, :members,
:tasks_to_be_done_members, :member_created_member_task_id
+ def adding_at_least_one_owner
+ params[:access_level] == Gitlab::Access::OWNER
+ end
+
+ def cannot_assign_owner_responsibilities_to_member_in_project?
+ source.is_a?(Project) && !current_user.can?(:manage_owners, source)
+ end
+
def invites_from_params
# String, Nil, Array, Integer
return params[:user_id] if params[:user_id].is_a?(Array)
View Lorry Controller Status