diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-10-21 10:08:36 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-10-21 10:08:36 +0300 |
commit | 48aff82709769b098321c738f3444b9bdaa694c6 (patch) | |
tree | e00c7c43e2d9b603a5a6af576b1685e400410dee /app/policies/project_policy.rb | |
parent | 879f5329ee916a948223f8f43d77fba4da6cd028 (diff) |
Add latest changes from gitlab-org/gitlab@13-5-stable-eev13.5.0-rc42
Diffstat (limited to 'app/policies/project_policy.rb')
-rw-r--r-- | app/policies/project_policy.rb | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb index 87ee7d201e4..59e2d617bf7 100644 --- a/app/policies/project_policy.rb +++ b/app/policies/project_policy.rb @@ -104,6 +104,9 @@ class ProjectPolicy < BasePolicy with_scope :subject condition(:service_desk_enabled) { @subject.service_desk_enabled? } + with_scope :subject + condition(:resource_access_token_available) { resource_access_token_available? } + # We aren't checking `:read_issue` or `:read_merge_request` in this case # because it could be possible for a user to see an issuable-iid # (`:read_issue_iid` or `:read_merge_request_iid`) but then wouldn't be @@ -237,7 +240,6 @@ class ProjectPolicy < BasePolicy enable :read_merge_request enable :read_sentry_issue enable :update_sentry_issue - enable :read_incidents enable :read_prometheus enable :read_metrics_dashboard_annotation enable :metrics_dashboard @@ -589,6 +591,10 @@ class ProjectPolicy < BasePolicy prevent :read_project end + rule { resource_access_token_available & can?(:admin_project) }.policy do + enable :admin_resource_access_tokens + end + private def user_is_user? @@ -663,6 +669,10 @@ class ProjectPolicy < BasePolicy end end + def resource_access_token_available? + true + end + def project @subject end |