Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/policies
diff options
context:
space:
mode:
authorLin Jen-Shin <godfat@godfat.org>2017-07-17 11:49:54 +0300
committerLin Jen-Shin <godfat@godfat.org>2017-07-17 11:49:54 +0300
commitc82a642b51ad9a206e97072813b64479a0a6cd4c (patch)
tree40b8b71650649efb4781840a6965a787f6b57227 /app/policies
parent5f32bd774ad5cb89685dab5102e0614b2593d4ff (diff)
Protect manual actions against protected tag too
Diffstat (limited to 'app/policies')
-rw-r--r--app/policies/ci/build_policy.rb7
1 files changed, 4 insertions, 3 deletions
diff --git a/app/policies/ci/build_policy.rb b/app/policies/ci/build_policy.rb
index a886efc1360..71ecb5bca8d 100644
--- a/app/policies/ci/build_policy.rb
+++ b/app/policies/ci/build_policy.rb
@@ -3,9 +3,10 @@ module Ci
condition(:protected_action) do
next false unless @subject.action?
- !::Gitlab::UserAccess
- .new(@user, project: @subject.project)
- .can_merge_to_branch?(@subject.ref)
+ access = ::Gitlab::UserAccess.new(@user, project: @subject.project)
+
+ !access.can_merge_to_branch?(@subject.ref) ||
+ !access.can_create_tag?(@subject.ref)
end
rule { protected_action }.prevent :update_build
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-15 15:32:40 +0300