Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/services/issuable_base_service.rb
diff options
context:
space:
mode:
authorDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>2015-06-25 17:17:48 +0300
committerDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>2015-06-25 17:17:48 +0300
commit0bcfe9a0dcf630b166376bf05de966132d6ee45d (patch)
tree276a415b4d3ddfca709af69bb3ff2d031adf453a /app/services/issuable_base_service.rb
parent5ff870a044150bef027b903bd944b8cc0578f798 (diff)
Dont allow set assignee, milestone or labels if user is guest
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Diffstat (limited to 'app/services/issuable_base_service.rb')
-rw-r--r--app/services/issuable_base_service.rb14
1 files changed, 14 insertions, 0 deletions
diff --git a/app/services/issuable_base_service.rb b/app/services/issuable_base_service.rb
index 1d99223cfe6..cb544eaf89b 100644
--- a/app/services/issuable_base_service.rb
+++ b/app/services/issuable_base_service.rb
@@ -26,4 +26,18 @@ class IssuableBaseService < BaseService
issuable, issuable.project, current_user, branch_type,
old_branch, new_branch)
end
+
+ def filter_params
+ unless can?(current_user, :set_milestone, project)
+ params.delete(:milestone_id)
+ end
+
+ unless can?(current_user, :set_label, project)
+ params.delete(:label_ids)
+ end
+
+ unless can?(current_user, :set_assignee, project)
+ params.delete(:assignee_id)
+ end
+ end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-19 17:46:21 +0300