Revert "Merge branch 'if-57131-external_auth_to_ce' into 'master'"

This reverts merge request !26823

1 files changed, 0 insertions, 28 deletions

diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index ba38af9c529..26d7d6e84c4 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -89,15 +89,6 @@ class ProjectPolicy < BasePolicy
     ::Gitlab::CurrentSettings.current_application_settings.mirror_available
   end
 
-  with_scope :subject
-  condition(:classification_label_authorized, score: 32) do
-    ::Gitlab::ExternalAuthorization.access_allowed?(
-      @user,
-      @subject.external_authorization_classification_label,
-      @subject.full_path
-    )
-  end
-
   # We aren't checking `:read_issue` or `:read_merge_request` in this case
   # because it could be possible for a user to see an issuable-iid
   # (`:read_issue_iid` or `:read_merge_request_iid`) but then wouldn't be
@@ -426,25 +417,6 @@ class ProjectPolicy < BasePolicy
 
   rule { ~can_have_multiple_clusters & has_clusters }.prevent :add_cluster
 
-  rule { ~can?(:read_cross_project) & ~classification_label_authorized }.policy do
-    # Preventing access here still allows the projects to be listed. Listing
-    # projects doesn't check the `:read_project` ability. But instead counts
-    # on the `project_authorizations` table.
-    #
-    # All other actions should explicitly check read project, which would
-    # trigger the `classification_label_authorized` condition.
-    #
-    # `:read_project_for_iids` is not prevented by this condition, as it is
-    # used for cross-project reference checks.
-    prevent :guest_access
-    prevent :public_access
-    prevent :public_user_access
-    prevent :reporter_access
-    prevent :developer_access
-    prevent :maintainer_access
-    prevent :owner_access
-  end
-
   private
 
   def team_member?