diff options
author | Kamil TrzciĆski <ayufan@ayufan.eu> | 2018-04-05 16:49:18 +0300 |
---|---|---|
committer | Mayra Cabrera <mcabrera@gitlab.com> | 2018-04-07 05:20:16 +0300 |
commit | 72220a99d1cdbcf8a914f9e765c43e63eaee2548 (patch) | |
tree | 314df7454174092bee8f1ea83d6bda53d760959e /app/policies/project_policy.rb | |
parent | 171b2625b128e5954ce0a150a4fc923a22164e4e (diff) |
Support Deploy Tokens properly without hacking abilities
Diffstat (limited to 'app/policies/project_policy.rb')
-rw-r--r-- | app/policies/project_policy.rb | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb index 2f9dd0384bc..21bb0934dee 100644 --- a/app/policies/project_policy.rb +++ b/app/policies/project_policy.rb @@ -145,7 +145,7 @@ class ProjectPolicy < BasePolicy # These abilities are not allowed to admins that are not members of the project, # that's why they are defined separately. rule { guest & can?(:download_code) }.enable :build_download_code - rule { guest & can?(:read_container_image) }.enable :project_read_container_image + rule { guest & can?(:read_container_image) }.enable :build_read_container_image rule { can?(:reporter_access) }.policy do enable :download_code @@ -179,7 +179,7 @@ class ProjectPolicy < BasePolicy enable :fork_project enable :build_download_code - enable :project_read_container_image + enable :build_read_container_image enable :request_access end |