path: root/app/policies/base_policy.rb
Commit message | Author | Age | Files | Lines
* `current_application_settings` belongs on `Gitlab::CurrentSettings` | Sean McGivern | 2017-08-31 | 1 | -3/+1
|
|   The initializers including this were doing so at the top level, so every
|   object loaded after them had a `current_application_settings` method.
|   However, if someone had rack-attack enabled (which was loaded before these
|   initializers), it would try to load the API, and fail, because
|   `Gitlab::CurrentSettings` didn't have that method.
|
|   To fix this:
|
|   1. Don't include `Gitlab::CurrentSettings` at the top level. We do not need
|      `Object.new.current_application_settings` to work.
|   2. Make `Gitlab::CurrentSettings` explicitly `extend self`, as we already
|      use it like that in several places.
|   3. Change the initializers to use that new form.
|
* Merge remote-tracking branch 'origin/master' into 34141-allow-unauthenticated-access-to-the-users-api | Timothy Andrew | 2017-06-30 | 1 | -125/+12
|\
| |   - Modify policy code to work with the `DeclarativePolicy` refactor in
| |     37c401433b76170f0150d70865f1f4584db01fa8.
| |
| * bugfix: use `require_dependency` to bring in DeclarativePolicy [bugfix/declarative-policy-reloading] | http://jneen.net/ | 2017-06-29 | 1 | -1/+1
| |
| * convert all the policies to DeclarativePolicy | http://jneen.net/ | 2017-06-27 | 1 | -123/+9
| |
* | Implement review comments for !12445 from @godfat and @rymai. | Timothy Andrew | 2017-06-30 | 1 | -0/+6
|/
|   - Use `GlobalPolicy` to authorize the users that a non-authenticated user
|     can fetch from `/api/v4/users`. We allow access if the
|     `Gitlab::VisibilityLevel::PUBLIC` visibility level is not restricted.
|   - Further, as before, `/api/v4/users` is only accessible to unauthenticated
|     users if the `username` parameter is passed.
|   - Turn off `authenticate!` for the `/api/v4/users` endpoint by matching on
|     the actual route + method, rather than the description.
|   - Change the type of `current_user` check in `UsersFinder` to be more
|     compatible with EE.
|
* Do not inherit build policy in pipeline policy | Grzegorz Bizon | 2017-04-12 | 1 | -0/+4
|
* use a magic default :global symbol instead of nil | http://jneen.net/ | 2017-03-09 | 1 | -2/+7
|
|   to make sure we mean the global permissions
|
* Enable Rails/Delegate | Douwe Maan | 2017-02-23 | 1 | -3/+1
|
* More improvements to presenters [23563-document-presenters] | Rémy Coutable | 2017-01-18 | 1 | -1/+1
|
|   Signed-off-by: Rémy Coutable <remy@rymai.me>
|
* Handle presenters in BasePolicy | Rémy Coutable | 2017-01-18 | 1 | -0/+4
|
|   Signed-off-by: Rémy Coutable <remy@rymai.me>
|
* s/NB:/NOTE:/ | http://jneen.net/ | 2016-08-30 | 1 | -1/+1
|
* implement RuleSet#size for tests | http://jneen.net/ | 2016-08-30 | 1 | -0/+4
|
* factor out a RuleSet so that `delegate!` retains @cannot | http://jneen.net/ | 2016-08-30 | 1 | -8/+50
|
* special-case blocked users | http://jneen.net/ | 2016-08-30 | 1 | -0/+1
|
* use the cached abilities in #delegate! | http://jneen.net/ | 2016-08-30 | 1 | -1/+1
|
* factor in global permissions | http://jneen.net/ | 2016-08-30 | 1 | -2/+2
|
* add automatic detection of the policy class | http://jneen.net/ | 2016-08-30 | 1 | -1/+15
|
* port CommitStatus/Build | http://jneen.net/ | 2016-08-30 | 1 | -0/+4
|
* port issues to Issu{able,e}Policy | http://jneen.net/ | 2016-08-30 | 1 | -2/+10
|
* add support for anonymous abilities | http://jneen.net/ | 2016-08-30 | 1 | -4/+22
|
* add policies, and factor out ProjectPolicy | http://jneen.net/ | 2016-08-30 | 1 | -0/+25