Add latest changes from gitlab-org/gitlab@master

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-02-08 15:10:06 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-02-08 15:10:06 +0300
commit: d0aeb5df3d6b06165355b023a25b79c7bd74a27d (patch)
tree: 7b5d3ff0f0ac5c124aa8626aeb4a0682d99a17c2 /app/policies
parent: 9ccf40d15a14e9ccf613701ba7e3d5d250961345 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/app/policies/group_policy.rb b/app/policies/group_policy.rb
index abb3616c58f..9568998e27d 100644
--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -36,7 +36,14 @@ class GroupPolicy < Namespaces::GroupProjectNamespaceSharedPolicy
   condition(:request_access_enabled) { @subject.request_access_enabled }
 
   condition(:create_projects_disabled, scope: :subject) do
-    @subject.project_creation_level == ::Gitlab::Access::NO_ONE_PROJECT_ACCESS
+    next true if @user.nil?
+
+    visibility_evaluation_result = Gitlab::VisibilityLevelChecker
+        .new(user, Project.new(namespace_id: @subject.id))
+        .level_restricted?
+
+    @subject.project_creation_level == ::Gitlab::Access::NO_ONE_PROJECT_ACCESS ||
+      visibility_evaluation_result.restricted?
   end
 
   condition(:developer_maintainer_access, scope: :subject) do
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-02-08 15:10:06 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-02-08 15:10:06 +0300
commit	d0aeb5df3d6b06165355b023a25b79c7bd74a27d (patch)
tree	7b5d3ff0f0ac5c124aa8626aeb4a0682d99a17c2 /app/policies
parent	9ccf40d15a14e9ccf613701ba7e3d5d250961345 (diff)