diff options
author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-09-25 15:05:35 +0400 |
---|---|---|
committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-09-25 15:05:35 +0400 |
commit | 573d367be5a61e9b344e48b6678cdd8067fe6bd1 (patch) | |
tree | ae1b3d887b6fa6716e62a40ebc9548230e74fdab /app/models | |
parent | 087d7e554f603faf946ea7ccb910e7b99a0801c2 (diff) |
Modify permissions for project and group
* Hooks and team pages allowed only for masters/owners
* Group page allowed for admin
* Corrent authentication for Projects controller
* Hide some project elements from visitor
Diffstat (limited to 'app/models')
-rw-r--r-- | app/models/ability.rb | 2 | ||||
-rw-r--r-- | app/models/group.rb | 4 |
2 files changed, 5 insertions, 1 deletions
diff --git a/app/models/ability.rb b/app/models/ability.rb index 26988c5e6a7..ad070dad296 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -154,7 +154,7 @@ class Ability def group_abilities user, group rules = [] - if group.users.include?(user) + if group.users.include?(user) || user.admin? rules << :read_group end diff --git a/app/models/group.rb b/app/models/group.rb index fce8d71217b..0b36c934375 100644 --- a/app/models/group.rb +++ b/app/models/group.rb @@ -32,6 +32,10 @@ class Group < Namespace end end + def add_user(user, group_access) + self.users_groups.create(user_id: user.id, group_access: group_access) + end + def change_owner(user) self.owner = user membership = users_groups.where(user_id: user.id).first |