diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-12-14 18:08:04 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-12-14 18:08:04 +0300 |
commit | 8c4225a66b12683bcf1bba9bb9328fcf65395b6d (patch) | |
tree | d3b583abd26fcbbcbf0db828aee2b940414e1649 /app/policies | |
parent | 075c890053f626018ba680e4da21a93743acb244 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/policies')
-rw-r--r-- | app/policies/issuable_policy.rb | 3 | ||||
-rw-r--r-- | app/policies/issue_policy.rb | 3 | ||||
-rw-r--r-- | app/policies/merge_request_policy.rb | 4 |
3 files changed, 7 insertions, 3 deletions
diff --git a/app/policies/issuable_policy.rb b/app/policies/issuable_policy.rb index aa07bb7dc5f..779384ee3fe 100644 --- a/app/policies/issuable_policy.rb +++ b/app/policies/issuable_policy.rb @@ -16,6 +16,9 @@ class IssuablePolicy < BasePolicy condition(:is_incident) { @subject.incident? } + desc "Issuable is hidden" + condition(:hidden, scope: :subject) { @subject.hidden? } + rule { can?(:guest_access) & assignee_or_author & ~is_incident }.policy do enable :read_issue enable :update_issue diff --git a/app/policies/issue_policy.rb b/app/policies/issue_policy.rb index 491eebe9daf..7d4e42580b8 100644 --- a/app/policies/issue_policy.rb +++ b/app/policies/issue_policy.rb @@ -21,9 +21,6 @@ class IssuePolicy < IssuablePolicy desc "Issue is confidential" condition(:confidential, scope: :subject) { @subject.confidential? } - desc "Issue is hidden" - condition(:hidden, scope: :subject) { @subject.hidden? } - desc "Issue is persisted" condition(:persisted, scope: :subject) { @subject.persisted? } diff --git a/app/policies/merge_request_policy.rb b/app/policies/merge_request_policy.rb index 32128d84d0b..8da2af506c7 100644 --- a/app/policies/merge_request_policy.rb +++ b/app/policies/merge_request_policy.rb @@ -27,6 +27,10 @@ class MergeRequestPolicy < IssuablePolicy enable :update_subscription end + rule { hidden & ~admin }.policy do + prevent :read_merge_request + end + condition(:can_merge) { @subject.can_be_merged_by?(@user) } rule { can_merge }.policy do |