diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-12-25 09:07:04 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-12-25 09:07:04 +0300 |
commit | 7d99ad1b87b3462395e20c949ce2a970f886a4e2 (patch) | |
tree | 1ccabc690209c1db1555f41257f99d8c0c824f70 /app/policies | |
parent | cebdb953a0e58875f6aea7ff6678925bbc8fec64 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/policies')
-rw-r--r-- | app/policies/issue_policy.rb | 17 | ||||
-rw-r--r-- | app/policies/note_policy.rb | 8 |
2 files changed, 0 insertions, 25 deletions
diff --git a/app/policies/issue_policy.rb b/app/policies/issue_policy.rb index 491eebe9daf..2bc535adf41 100644 --- a/app/policies/issue_policy.rb +++ b/app/policies/issue_policy.rb @@ -27,23 +27,6 @@ class IssuePolicy < IssuablePolicy desc "Issue is persisted" condition(:persisted, scope: :subject) { @subject.persisted? } - # accessing notes requires the notes widget to be available for work items(or issue) - condition(:notes_widget_enabled, scope: :subject) do - @subject.work_item_type.widgets.include?(::WorkItems::Widgets::Notes) - end - - rule { ~notes_widget_enabled }.policy do - prevent :create_note - prevent :read_note - prevent :read_internal_note - prevent :set_note_created_at - prevent :mark_note_as_confidential - # these actions on notes are not available on issues/work items yet, - # but preventing any action on work item notes as long as there is no notes widget seems reasonable - prevent :resolve_note - prevent :reposition_note - end - rule { confidential & ~can_read_confidential }.policy do prevent(*create_read_update_admin_destroy(:issue)) prevent :read_issue_iid diff --git a/app/policies/note_policy.rb b/app/policies/note_policy.rb index 9fd95bbe42d..67b57595beb 100644 --- a/app/policies/note_policy.rb +++ b/app/policies/note_policy.rb @@ -20,20 +20,12 @@ class NotePolicy < BasePolicy condition(:confidential, scope: :subject) { @subject.confidential? } - # if noteable is a work item it needs to check the notes widget availability - condition(:notes_widget_enabled, scope: :subject) do - !@subject.noteable.respond_to?(:work_item_type) || - @subject.noteable.work_item_type.widgets.include?(::WorkItems::Widgets::Notes) - end - # Should be matched with IssuablePolicy#read_internal_note # and EpicPolicy#read_internal_note condition(:can_read_confidential) do access_level >= Gitlab::Access::REPORTER || admin? end - rule { ~notes_widget_enabled }.prevent_all - rule { ~editable }.prevent :admin_note # If user can't read the issue/MR/etc then they should not be allowed to do anything to their own notes |