Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/models/ability.rb
diff options
context:
space:
mode:
authorDouwe Maan <douwe@selenight.nl>2016-03-20 23:03:53 +0300
committerDouwe Maan <douwe@selenight.nl>2016-03-20 23:04:07 +0300
commit8db1292139cfdac4c29c03b876b68b9e752cf75a (patch)
tree2fcf67ada482ecf4ac90f39c858334a62b709618 /app/models/ability.rb
parent2eb19ea3ea36916bbea72a8ccab3e6d15f602ac9 (diff)
Tweaks, refactoring, and specs
Diffstat (limited to 'app/models/ability.rb')
-rw-r--r--app/models/ability.rb23
1 files changed, 11 insertions, 12 deletions
diff --git a/app/models/ability.rb b/app/models/ability.rb
index 88d7ecf3a16..de9253fcdd8 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -114,6 +114,13 @@ class Ability
# Push abilities on the users team role
rules.push(*project_team_rules(project.team, user))
+ if project.owner == user ||
+ (project.group && project.group.has_owner?(user)) ||
+ user.admin?
+
+ rules.push(*project_owner_rules)
+ end
+
if project.public? || (project.internal? && !user.external?)
rules.push(*public_project_rules)
@@ -121,14 +128,6 @@ class Ability
rules << :read_build if project.public_builds?
end
- if project.owner == user || user.admin?
- rules.push(*project_admin_rules)
- end
-
- if project.group && project.group.has_owner?(user)
- rules.push(*project_admin_rules)
- end
-
if project.archived?
rules -= project_archived_rules
end
@@ -228,8 +227,8 @@ class Ability
]
end
- def project_admin_rules
- @project_admin_rules ||= project_master_rules + [
+ def project_owner_rules
+ @project_owner_rules ||= project_master_rules + [
:change_namespace,
:change_visibility_level,
:rename_project,
@@ -275,7 +274,7 @@ class Ability
rules << :read_group if can_read_group?(user, group)
- # Only group masters and group owners can create new projects and change permission level
+ # Only group masters and group owners can create new projects
if group.has_master?(user) || group.has_owner?(user) || user.admin?
rules += [
:create_projects,
@@ -298,7 +297,7 @@ class Ability
def can_read_group?(user, group)
user.admin? || group.public? || (group.internal? && !user.external?) || group.users.include?(user) ||
- ProjectsFinder.new.execute(user, group: group).any?
+ GroupProjectsFinder.new(group).execute(user).any?
end
def namespace_abilities(user, namespace)
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-19 04:09:10 +0300