diff options
| author | Jarka Kadlecova <jarka@gitlab.com> | 2017-08-30 17:57:50 +0300 |
|---|---|---|
| committer | Jarka Kadlecova <jarka@gitlab.com> | 2017-09-14 15:50:32 +0300 |
| commit | b9287208523e1a5c05939fe0db038df51a9082fc (patch) | |
| tree | 7cc859ffab52ae526924676395374d4621fd96c3 /app/policies | |
| parent | 1140fcce4f8b5463f451356b76fea125826478b2 (diff) | |
Support discussion locking in the backend
Diffstat (limited to 'app/policies')
| -rw-r--r-- | app/policies/issuable_policy.rb | 5 | ||||
| -rw-r--r-- | app/policies/note_policy.rb | 10 |
2 files changed, 15 insertions, 0 deletions
diff --git a/app/policies/issuable_policy.rb b/app/policies/issuable_policy.rb index daf6fa9e18a..212f4989557 100644 --- a/app/policies/issuable_policy.rb +++ b/app/policies/issuable_policy.rb @@ -1,6 +1,9 @@ class IssuablePolicy < BasePolicy delegate { @subject.project } + condition(:locked) { @subject.discussion_locked? } + condition(:is_project_member) { @user && @subject.project && @subject.project.team.member?(@user) } + desc "User is the assignee or author" condition(:assignee_or_author) do @user && @subject.assignee_or_author?(@user) @@ -12,4 +15,6 @@ class IssuablePolicy < BasePolicy enable :read_merge_request enable :update_merge_request end + + rule { locked & ~is_project_member }.prevent :create_note end diff --git a/app/policies/note_policy.rb b/app/policies/note_policy.rb index 20cd51cfb99..5d51fbf4f4a 100644 --- a/app/policies/note_policy.rb +++ b/app/policies/note_policy.rb @@ -2,14 +2,18 @@ class NotePolicy < BasePolicy delegate { @subject.project } condition(:is_author) { @user && @subject.author == @user } + condition(:is_project_member) { @user && @subject.project && @subject.project.team.member?(@user) } condition(:for_merge_request, scope: :subject) { @subject.for_merge_request? } condition(:is_noteable_author) { @user && @subject.noteable.author_id == @user.id } condition(:editable, scope: :subject) { @subject.editable? } + condition(:locked) { @subject.noteable.discussion_locked? } rule { ~editable | anonymous }.prevent :edit_note + rule { is_author | admin }.enable :edit_note rule { can?(:master_access) }.enable :edit_note + rule { locked & ~is_author & ~is_project_member }.prevent :edit_note rule { is_author }.policy do enable :read_note @@ -21,4 +25,10 @@ class NotePolicy < BasePolicy rule { for_merge_request & is_noteable_author }.policy do enable :resolve_note end + + rule { locked & ~is_project_member }.policy do + prevent :update_note + prevent :admin_note + prevent :resolve_note + end end |