diff options
author | Yorick Peterse <yorickpeterse@gmail.com> | 2019-03-04 21:36:41 +0300 |
---|---|---|
committer | Yorick Peterse <yorickpeterse@gmail.com> | 2019-03-04 21:36:41 +0300 |
commit | 219075fc6e187d742bf46791a778fd9a885ce8b3 (patch) | |
tree | 2324139df8d11b7856b3c1dbc5609f9d8a4796da /app | |
parent | 6e1f0852fe6415fc347d911b93e299b1e04422af (diff) | |
parent | 38f3c2e18684f94f75ab52e5039203e8321ed7d7 (diff) |
Merge branch 'security-2799-emails' into 'master'
[master] Remove link after issue move when no permissions
See merge request gitlab/gitlabhq!2921
Diffstat (limited to 'app')
-rw-r--r-- | app/mailers/emails/issues.rb | 1 | ||||
-rw-r--r-- | app/views/notify/issue_moved_email.html.haml | 11 | ||||
-rw-r--r-- | app/views/notify/issue_moved_email.text.erb | 4 |
3 files changed, 12 insertions, 4 deletions
diff --git a/app/mailers/emails/issues.rb b/app/mailers/emails/issues.rb index 654ae211310..d2e334fb856 100644 --- a/app/mailers/emails/issues.rb +++ b/app/mailers/emails/issues.rb @@ -74,6 +74,7 @@ module Emails @new_issue = new_issue @new_project = new_issue.project + @can_access_project = recipient.can?(:read_project, @new_project) mail_answer_thread(issue, issue_thread_options(updated_by_user.id, recipient.id, reason)) end diff --git a/app/views/notify/issue_moved_email.html.haml b/app/views/notify/issue_moved_email.html.haml index 472c31e9a5e..b766cb1a523 100644 --- a/app/views/notify/issue_moved_email.html.haml +++ b/app/views/notify/issue_moved_email.html.haml @@ -1,6 +1,9 @@ %p Issue was moved to another project. -%p - New issue: - = link_to project_issue_url(@new_project, @new_issue) do - = @new_issue.title +- if @can_access_project + %p + New issue: + = link_to project_issue_url(@new_project, @new_issue) do + = @new_issue.title +- else + You don't have access to the project. diff --git a/app/views/notify/issue_moved_email.text.erb b/app/views/notify/issue_moved_email.text.erb index 66ede43635b..985e689aa9d 100644 --- a/app/views/notify/issue_moved_email.text.erb +++ b/app/views/notify/issue_moved_email.text.erb @@ -1,4 +1,8 @@ Issue was moved to another project. +<% if @can_access_project %> New issue location: <%= project_issue_url(@new_project, @new_issue) %> +<% else %> +You don't have access to the project. +<% end %> |