diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-01-13 12:07:16 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-01-13 12:07:16 +0300 |
commit | 3101940724e516c36eb67884bd4f944b63d20721 (patch) | |
tree | 01c434907c8344df72e4314bb8c8f60a0b97c0f3 /app/policies | |
parent | 7f376fe105b7930f961e4dc1ab5a09e1118de181 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/policies')
-rw-r--r-- | app/policies/achievements/achievement_policy.rb | 7 | ||||
-rw-r--r-- | app/policies/group_policy.rb | 2 | ||||
-rw-r--r-- | app/policies/issue_policy.rb | 4 |
3 files changed, 13 insertions, 0 deletions
diff --git a/app/policies/achievements/achievement_policy.rb b/app/policies/achievements/achievement_policy.rb new file mode 100644 index 00000000000..9723be0196d --- /dev/null +++ b/app/policies/achievements/achievement_policy.rb @@ -0,0 +1,7 @@ +# frozen_string_literal: true + +module Achievements + class AchievementPolicy < ::BasePolicy + delegate { @subject.namespace } + end +end diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb index 8eea995529c..b2325b7acac 100644 --- a/app/policies/group_policy.rb +++ b/app/policies/group_policy.rb @@ -126,6 +126,7 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy enable :read_group_member enable :read_custom_emoji enable :read_counts + enable :read_achievement end rule { ~public_group & ~has_access }.prevent :read_counts @@ -185,6 +186,7 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy enable :maintainer_access enable :read_upload enable :destroy_upload + enable :admin_achievement end rule { owner }.policy do diff --git a/app/policies/issue_policy.rb b/app/policies/issue_policy.rb index d7f400732cd..d1e35793c64 100644 --- a/app/policies/issue_policy.rb +++ b/app/policies/issue_policy.rb @@ -88,6 +88,10 @@ class IssuePolicy < IssuablePolicy enable :set_confidentiality end + rule { can?(:guest_access) & can?(:read_issue) }.policy do + enable :admin_issue_relation + end + rule { can_read_crm_contacts }.policy do enable :read_crm_contacts end |