From d723784957bea8dc74587ed7074c18983d7162a7 Mon Sep 17 00:00:00 2001
From: Davin Walker
Date: Wed, 18 Jul 2018 17:31:21 +0000
Subject: check against user owned projects
---
 lib/api/issues.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/api/issues.rb b/lib/api/issues.rb
index 25185d6edc8..7b6efe75227 100644
--- a/lib/api/issues.rb
+++ b/lib/api/issues.rb
@@ -170,7 +170,7 @@ module API
 authorize! :create_issue, user_project
 # Setting created_at time only allowed for admins and project owners
- unless current_user.admin? || user_project.owner == current_user
+ unless current_user.admin? || current_user.owned_projects.include?(user_project)
 params.delete(:created_at)
 end
--
cgit v1.2.1
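Review bot: The new guard `current_user.owned_projects.include?(user_project)` changes who may set `created_at` on a new issue, yet the diffstat shows only lib/api/issues.rb changed, so no spec pins either side of it: a user whose `owned_projects` contains the project keeping `created_at`, and any other member having it stripped. Because this parameter lets a caller backdate a record, both cases deserve a request spec. If `owned_projects` returns an ActiveRecord relation, `include?` may load every owned project to answer one membership question; `current_user.owned_projects.exists?(user_project.id)` would ask the database instead. The enclosing endpoint block starts and ends outside the hunk, so any other timestamp guard in the file that still compares `user_project.owner == current_user` should be checked for consistency with this one.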