diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-03 18:12:58 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-05-03 18:12:58 +0300 |
| commit | 27a5080c34c64a84219d855d652b994c5e344a0a (patch) | |
| tree | 1f6bcb68378e4965b4e93a846d8a939af18aeec6 /app/policies | |
| parent | 2c01907a1ab4b328e2f20ddf9e10dfe6dc17105a (diff) | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/policies')
| -rw-r--r-- | app/policies/ci/build_policy.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/app/policies/ci/build_policy.rb b/app/policies/ci/build_policy.rb index fc154e6b465..73e4cbee54a 100644 --- a/app/policies/ci/build_policy.rb +++ b/app/policies/ci/build_policy.rb @@ -81,7 +81,7 @@ module Ci # Authorizing the user to access to protected entities. # There is a "jailbreak" mode to exceptionally bypass the authorization, # however, you should NEVER allow it, rather suspect it's a wrong feature/product design. - rule { ~can?(:jailbreak) & (archived | protected_ref | protected_environment) }.policy do + rule { ~can?(:jailbreak) & (archived | (protected_ref & ~admin) | protected_environment) }.policy do prevent :update_build prevent :update_commit_status prevent :erase_build |