diff options
author | John T Skarbek <jskarbek@gitlab.com> | 2019-08-14 21:11:04 +0300 |
---|---|---|
committer | John T Skarbek <jskarbek@gitlab.com> | 2019-08-14 21:11:04 +0300 |
commit | 2b2efbc609a85093238ee3bec94358670021d0e5 (patch) | |
tree | 671ff737363c10b61e4a970e1c108319cc07e37d /app/policies | |
parent | affa81eb79ec0ca01a1a0c2733cc5cdffb3b9ff1 (diff) | |
parent | 7b52cff4896c8f681aea34fb273209400cf3e06e (diff) |
Merge remote-tracking branch 'dev/security-2873-restrict-slash-commands-to-users-who-can-log-in'
Diffstat (limited to 'app/policies')
-rw-r--r-- | app/policies/global_policy.rb | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/app/policies/global_policy.rb b/app/policies/global_policy.rb index 134de1c9ace..311aab0dcd4 100644 --- a/app/policies/global_policy.rb +++ b/app/policies/global_policy.rb @@ -33,6 +33,7 @@ class GlobalPolicy < BasePolicy enable :access_git enable :receive_notifications enable :use_quick_actions + enable :use_slash_commands end rule { blocked | internal }.policy do @@ -40,6 +41,7 @@ class GlobalPolicy < BasePolicy prevent :access_api prevent :access_git prevent :receive_notifications + prevent :use_slash_commands end rule { required_terms_not_accepted }.policy do @@ -57,6 +59,7 @@ class GlobalPolicy < BasePolicy rule { access_locked }.policy do prevent :log_in + prevent :use_slash_commands end rule { ~(anonymous & restricted_public_level) }.policy do |