Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorMark Chao <mchao@gitlab.com>2019-03-11 11:52:40 +0300
committerMark Chao <mchao@gitlab.com>2019-03-20 05:54:20 +0300
commitb4b8d111fbc553c06b4f7479f5e6c77977c4cd15 (patch)
tree3d0ce0ef04c82f7e85047906949c4d54c5215cf3 /app
parent3f8131133bf6310a7fc05d7a332b4560edb456ef (diff)
Hide related branches when user does not have permission
Guest user of a project should not see branches
Diffstat (limited to 'app')
-rw-r--r--app/assets/javascripts/issue.js4
-rw-r--r--app/controllers/projects/issues_controller.rb1
-rw-r--r--app/views/projects/issues/show.html.haml5
3 files changed, 7 insertions, 3 deletions
diff --git a/app/assets/javascripts/issue.js b/app/assets/javascripts/issue.js
index 94b78907d9a..b3508f36cf9 100644
--- a/app/assets/javascripts/issue.js
+++ b/app/assets/javascripts/issue.js
@@ -16,7 +16,9 @@ export default class Issue {
Issue.createMrDropdownWrap = document.querySelector('.create-mr-dropdown-wrap');
Issue.initMergeRequests();
- Issue.initRelatedBranches();
+ if (document.querySelector('#related-branches')) {
+ Issue.initRelatedBranches();
+ }
this.closeButtons = $('a.btn-close');
this.reopenButtons = $('a.btn-reopen');
diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb
index b9d02a62fc3..2cb40697b5c 100644
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -39,6 +39,7 @@ class Projects::IssuesController < Projects::ApplicationController
before_action :authorize_create_merge_request_from!, only: [:create_merge_request]
before_action :authorize_import_issues!, only: [:import_csv]
+ before_action :authorize_download_code!, only: [:related_branches]
before_action :set_suggested_issues_feature_flags, only: [:new]
diff --git a/app/views/projects/issues/show.html.haml b/app/views/projects/issues/show.html.haml
index 653b7d4c6f3..0f65560cd7e 100644
--- a/app/views/projects/issues/show.html.haml
+++ b/app/views/projects/issues/show.html.haml
@@ -77,8 +77,9 @@
#merge-requests{ data: { url: referenced_merge_requests_project_issue_path(@project, @issue) } }
// This element is filled in using JavaScript.
- #related-branches{ data: { url: related_branches_project_issue_path(@project, @issue) } }
- // This element is filled in using JavaScript.
+ - if can?(current_user, :download_code, @project)
+ #related-branches{ data: { url: related_branches_project_issue_path(@project, @issue) } }
+ // This element is filled in using JavaScript.
.content-block.emoji-block.emoji-block-sticky
.row
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-02 03:09:17 +0300