diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-12-07 03:08:34 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-12-07 03:08:34 +0300 |
commit | 7e89568aa1b1c531aa34860fbd9e77d9e988b9b2 (patch) | |
tree | 9d644d947b75594d969f040ef046541c769e0dc3 /app/policies | |
parent | f2143c9986ad7b6206b8a41cc9aeb419e543d3f5 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/policies')
-rw-r--r-- | app/policies/base_policy.rb | 13 | ||||
-rw-r--r-- | app/policies/merge_request_policy.rb | 2 |
2 files changed, 9 insertions, 6 deletions
diff --git a/app/policies/base_policy.rb b/app/policies/base_policy.rb index 41c924029d7..1ce866bd910 100644 --- a/app/policies/base_policy.rb +++ b/app/policies/base_policy.rb @@ -19,6 +19,14 @@ class BasePolicy < DeclarativePolicy::Base with_options scope: :user, score: 0 condition(:deactivated) { @user&.deactivated? } + desc "User is bot" + with_options scope: :user, score: 0 + condition(:bot) { @user&.bot? } + + desc "User is alert bot" + with_options scope: :user, score: 0 + condition(:alert_bot) { @user&.alert_bot? } + desc "User is support bot" with_options scope: :user, score: 0 condition(:support_bot) { @user&.support_bot? } @@ -50,9 +58,6 @@ class BasePolicy < DeclarativePolicy::Base ::Gitlab::ExternalAuthorization.perform_check? end - with_options scope: :user, score: 0 - condition(:alert_bot) { @user&.alert_bot? } - rule { external_authorization_enabled & ~can?(:read_all_resources) }.policy do prevent :read_cross_project end @@ -68,8 +73,6 @@ class BasePolicy < DeclarativePolicy::Base rule { default }.enable :read_cross_project condition(:is_gitlab_com, score: 0, scope: :global) { ::Gitlab.com? } - - condition(:is_bot?) { @user&.bot? } end BasePolicy.prepend_mod_with('BasePolicy') diff --git a/app/policies/merge_request_policy.rb b/app/policies/merge_request_policy.rb index 62840b0129f..32128d84d0b 100644 --- a/app/policies/merge_request_policy.rb +++ b/app/policies/merge_request_policy.rb @@ -18,7 +18,7 @@ class MergeRequestPolicy < IssuablePolicy enable :approve_merge_request end - rule { can?(:approve_merge_request) & is_bot? }.policy do + rule { can?(:approve_merge_request) & bot }.policy do enable :reset_merge_request_approvals end |