From 7deab3172257bef7818ce834c1e0709432ddd5e0 Mon Sep 17 00:00:00 2001
From: Mayra Cabrera
Date: Tue, 3 Apr 2018 16:34:56 -0500
Subject: Removes logic from Jwt and handle different scenarios on Gitlab::Auth
- When using 'read_repo' password and project are sent, so we used both of them to fetch for the token
- When using 'read_registry' only the password is sent, so we only use that for fetching the token
---
 app/policies/project_policy.rb | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'app/policies/project_policy.rb')
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index b1ed034cd00..2f9dd0384bc 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -143,9 +143,9 @@ class ProjectPolicy < BasePolicy
 end
 # These abilities are not allowed to admins that are not members of the project,
- # that's why they are defined separatly.
+ # that's why they are defined separately.
 rule { guest & can?(:download_code) }.enable :build_download_code
- rule { guest & can?(:read_container_image) }.enable :build_read_container_image
+ rule { guest & can?(:read_container_image) }.enable :project_read_container_image
 rule { can?(:reporter_access) }.policy do
 enable :download_code
@@ -179,7 +179,7 @@ class ProjectPolicy < BasePolicy
 enable :fork_project
 enable :build_download_code
- enable :build_read_container_image
+ enable :project_read_container_image
 enable :request_access
 end
--
cgit v1.2.1
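Review bot: The renamed ability `:project_read_container_image` (in the `guest & can?(:read_container_image)` rule of the first hunk and again in the `enable` list of the second) now differs from plain `:read_container_image` only by its prefix, and the comment above the rule does not say which callers are expected to check which one. Because that comment states these abilities are deliberately withheld from admins who are not project members, a caller checking the wrong symbol changes who can pull images; I would extend the comment along the lines of `# :project_read_container_image is the ability registry token auth checks; unlike :read_container_image it is not granted to non-member admins.` (wording to be confirmed against the callers, which are outside this file's diff). Any leftover reference to `:build_read_container_image` elsewhere is no longer enabled by the rules shown here and would presumably just evaluate to not allowed, so a search for the old symbol and a spec for the 'read_registry' path from the commit message would be worth having. The block enclosing the second hunk's `enable` lines starts outside the hunk, so its rule condition cannot be checked from here.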