Fix permission issue with highest access level for group

If user was a member of both group and project and group access level
was higher it was not respected and user got lowest project access
level. Now it is fixed and user get highest access level

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

1 files changed, 15 insertions, 4 deletions

diff --git a/app/models/project_team.rb b/app/models/project_team.rb
index afaca374130..0bbbd3d00e8 100644
--- a/app/models/project_team.rb
+++ b/app/models/project_team.rb
@@ -118,19 +118,30 @@ class ProjectTeam
   end
 
   def guest?(user)
-    find_tm(user.id).try(:access_field) == Gitlab::Access::GUEST
+    max_tm_access(user.id) == Gitlab::Access::GUEST
   end
 
   def reporter?(user)
-    find_tm(user.id).try(:access_field) == Gitlab::Access::REPORTER
+    max_tm_access(user.id) == Gitlab::Access::REPORTER
   end
 
   def developer?(user)
-    find_tm(user.id).try(:access_field) == Gitlab::Access::DEVELOPER
+    max_tm_access(user.id) == Gitlab::Access::DEVELOPER
   end
 
   def master?(user)
-    find_tm(user.id).try(:access_field) == Gitlab::Access::MASTER
+    max_tm_access(user.id) == Gitlab::Access::MASTER
+  end
+
+  def max_tm_access(user_id)
+    access = []
+    access << project.users_projects.find_by(user_id: user_id).try(:access_field)
+
+    if group
+      access << group.users_groups.find_by(user_id: user_id).try(:access_field)
+    end
+
+    access.compact.max
   end
 
   private