Add latest changes from gitlab-org/security/gitlab@14-4-stable-ee

1 files changed, 8 insertions, 4 deletions

diff --git a/app/services/concerns/update_visibility_level.rb b/app/services/concerns/update_visibility_level.rb
index b7a161f5089..4cd14a2fb53 100644
--- a/app/services/concerns/update_visibility_level.rb
+++ b/app/services/concerns/update_visibility_level.rb
@@ -1,13 +1,17 @@
 # frozen_string_literal: true
 
 module UpdateVisibilityLevel
+  # check that user is allowed to set specified visibility_level
   def valid_visibility_level_change?(target, new_visibility)
-    # check that user is allowed to set specified visibility_level
-    if new_visibility && new_visibility.to_i != target.visibility_level
+    return true unless new_visibility
+
+    new_visibility_level = Gitlab::VisibilityLevel.level_value(new_visibility)
+
+    if new_visibility_level != target.visibility_level_value
       unless can?(current_user, :change_visibility_level, target) &&
-          Gitlab::VisibilityLevel.allowed_for?(current_user, new_visibility)
+          Gitlab::VisibilityLevel.allowed_for?(current_user, new_visibility_level)
 
-        deny_visibility_level(target, new_visibility)
+        deny_visibility_level(target, new_visibility_level)
         return false
       end
     end