diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-03-16 21:18:33 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-03-16 21:18:33 +0300 |
commit | f64a639bcfa1fc2bc89ca7db268f594306edfd7c (patch) | |
tree | a2c3c2ebcc3b45e596949db485d6ed18ffaacfa1 /app/policies/merge_request_policy.rb | |
parent | bfbc3e0d6583ea1a91f627528bedc3d65ba4b10f (diff) |
Add latest changes from gitlab-org/gitlab@13-10-stable-eev13.10.0-rc40
Diffstat (limited to 'app/policies/merge_request_policy.rb')
-rw-r--r-- | app/policies/merge_request_policy.rb | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/app/policies/merge_request_policy.rb b/app/policies/merge_request_policy.rb index d5ba42d750c..e3fb54172f8 100644 --- a/app/policies/merge_request_policy.rb +++ b/app/policies/merge_request_policy.rb @@ -9,7 +9,10 @@ class MergeRequestPolicy < IssuablePolicy # Although :read_merge_request is computed in the policy context, # it would not be safe to prevent :create_note there, since # note permissions are shared, and this would apply too broadly. - rule { ~can?(:read_merge_request) }.prevent :create_note + rule { ~can?(:read_merge_request) }.policy do + prevent :create_note + prevent :accept_merge_request + end rule { can?(:update_merge_request) }.policy do enable :approve_merge_request @@ -18,6 +21,12 @@ class MergeRequestPolicy < IssuablePolicy rule { ~anonymous & can?(:read_merge_request) }.policy do enable :create_todo end + + condition(:can_merge) { @subject.can_be_merged_by?(@user) } + + rule { can_merge }.policy do + enable :accept_merge_request + end end MergeRequestPolicy.prepend_if_ee('EE::MergeRequestPolicy') |