summaryrefslogtreecommitdiff
path: root/lib/gitlab/user_access.rb
Commit message (Collapse)AuthorAgeFilesLines
* Allow creating protected branch when it doesn't existPawel Chojnacki2017-01-131-1/+3
| | | | | | if user has either push or merge permissions + Change log entry for fix to creating a branch matching a wildcard fails
* Introduce no_user_or_blocked? and fix tests due toLin Jen-Shin2016-11-161-4/+12
| | | | checking user permission.
* Improve EE compatibility with protected branch access levels.Timothy Andrew2016-08-161-2/+2
| | | | | | | | | 1. Change a few incorrect `access_level` to `access_levels.first` that were missed in e805a64. 2. `API::Entities` can iterate over all access levels instead of just the first one. This makes no difference to CE, and makes it more compatible with EE.
* changes default_branch_protection to allow devs_can_merge protection option ↵tiagonbotelho2016-08-041-0/+2
| | | | aswell
* Enforce "No One Can Push" during git operations.Timothy Andrew2016-07-291-4/+6
| | | | | | | | | | | 1. The crux of this change is in `UserAccess`, which looks through all the access levels, asking each if the user has access to push/merge for the current project. 2. Update the `protected_branches` factory to create access levels as necessary. 3. Fix and augment `user_access` and `git_access` specs.
* Revert "Revert "Merge branch '18193-developers-can-merge' into 'master' ""Rémy Coutable2016-07-181-3/+45
| | | | | | | | This reverts commit 530f5158e297f3cde27f3566cfe13bad74ba3b50. See !4892. Signed-off-by: Rémy Coutable <remy@rymai.me>
* Revert "Merge branch '18193-developers-can-merge' into 'master' "Robert Speicher2016-07-131-45/+3
| | | | | This reverts commit 9ca633eb4c62231e4ddff5466c723cf8e2bdb25d, reversing changes made to fb229bbf7970ba908962b837b270adf56f14098f.
* Refactor `Gitlab::GitAccess`Timothy Andrew2016-07-131-3/+45
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. Don't use case statements for dispatch anymore. This leads to a lot of duplication, and makes the logic harder to follow. 2. Remove duplicated logic. - For example, the `can_push_to_branch?` exists, but we also have a different way of checking the same condition within `change_access_check`. - This kind of duplication is removed, and the `can_push_to_branch?` method is used in both places. 3. Move checks returning true/false to `UserAccess`. - All public methods in `GitAccess` now return an instance of `GitAccessStatus`. Previously, some methods would return true/false as well, which was confusing. - It makes sense for these kinds of checks to be at the level of a user, so the `UserAccess` class was repurposed for this. The prior `UserAccess.allowed?` classmethod is converted into an instance method. - All external uses of these checks have been migrated to use the `UserAccess` class 4. Move the "change_access_check" into a separate class. - Create the `GitAccess::ChangeAccessCheck` class to run these checks, which are quite substantial. - `ChangeAccessCheck` returns an instance of `GitAccessStatus` as well. 5. Break out the boolean logic in `ChangeAccessCheck` into `if/else` chains - this seems more readable. 6. I can understand that this might look like overkill for !4892, but I think this is a good opportunity to clean it up. - http://martinfowler.com/bliki/OpportunisticRefactoring.html
* Move method to UserJacob Vosmaer2016-03-101-3/+2
|
* Acquire lock before LDAP syncJacob Vosmaer2016-03-091-2/+3
|
* Cache LDAP check in Gitlab::UserAccessJacob Vosmaer2014-08-061-7/+2
| | | | | This changes the number of LDAP calls when users access GitLab via Git-over-SSH or the API. LDAP check results are cached for 1 hour.
* Move user access check to Gitlab::UserAccessJacob Vosmaer2014-05-151-0/+18
View Lorry Controller Status