diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-01-09 18:08:32 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-01-09 18:08:32 +0300 |
commit | e9de69b545c25c9cb7fd410f9bf8ba34c6bb727b (patch) | |
tree | a59ae937a12f9e03e7c4269af4a3a0fcb1e540b2 /app/policies | |
parent | 1935f3e81b99c00697bf0b4d6a44d64068b34745 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/policies')
-rw-r--r-- | app/policies/issuable_policy.rb | 3 | ||||
-rw-r--r-- | app/policies/issue_policy.rb | 3 | ||||
-rw-r--r-- | app/policies/merge_request_policy.rb | 4 |
3 files changed, 7 insertions, 3 deletions
diff --git a/app/policies/issuable_policy.rb b/app/policies/issuable_policy.rb index fae66498038..52796ed1a1d 100644 --- a/app/policies/issuable_policy.rb +++ b/app/policies/issuable_policy.rb @@ -16,6 +16,9 @@ class IssuablePolicy < BasePolicy condition(:is_incident) { @subject.incident? } + desc "Issuable is hidden" + condition(:hidden, scope: :subject) { @subject.hidden? } + rule { can?(:guest_access) & assignee_or_author & ~is_incident }.policy do enable :read_issue enable :update_issue diff --git a/app/policies/issue_policy.rb b/app/policies/issue_policy.rb index 174d68d14fc..d7f400732cd 100644 --- a/app/policies/issue_policy.rb +++ b/app/policies/issue_policy.rb @@ -21,9 +21,6 @@ class IssuePolicy < IssuablePolicy desc "Issue is confidential" condition(:confidential, scope: :subject) { @subject.confidential? } - desc "Issue is hidden" - condition(:hidden, scope: :subject) { @subject.hidden? } - desc "Issue is persisted" condition(:persisted, scope: :subject) { @subject.persisted? } diff --git a/app/policies/merge_request_policy.rb b/app/policies/merge_request_policy.rb index 1759cf057e4..49f9225a1d3 100644 --- a/app/policies/merge_request_policy.rb +++ b/app/policies/merge_request_policy.rb @@ -29,6 +29,10 @@ class MergeRequestPolicy < IssuablePolicy enable :update_subscription end + rule { hidden & ~admin }.policy do + prevent :read_merge_request + end + condition(:can_merge) { @subject.can_be_merged_by?(@user) } rule { can_merge }.policy do |