Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app
diff options
context:
space:
mode:
authorMark Chao <mchao@gitlab.com>2019-03-11 11:52:40 +0300
committerMark Chao <mchao@gitlab.com>2019-03-20 05:56:14 +0300
commit53e34cedafc59f18621bdf9d26adc82b7897a306 (patch)
treee7d1fd5ac55afa1d683afe2a9afc796651f003cf /app
parent9d826aed9ff336a55f770c328dcf042e67823b48 (diff)
Hide related branches when user does not have permission
Guest user of a project should not see branches
Diffstat (limited to 'app')
-rw-r--r--app/assets/javascripts/issue.js4
-rw-r--r--app/controllers/projects/issues_controller.rb1
-rw-r--r--app/views/projects/issues/show.html.haml5
3 files changed, 7 insertions, 3 deletions
diff --git a/app/assets/javascripts/issue.js b/app/assets/javascripts/issue.js
index 94b78907d9a..b3508f36cf9 100644
--- a/app/assets/javascripts/issue.js
+++ b/app/assets/javascripts/issue.js
@@ -16,7 +16,9 @@ export default class Issue {
Issue.createMrDropdownWrap = document.querySelector('.create-mr-dropdown-wrap');
Issue.initMergeRequests();
- Issue.initRelatedBranches();
+ if (document.querySelector('#related-branches')) {
+ Issue.initRelatedBranches();
+ }
this.closeButtons = $('a.btn-close');
this.reopenButtons = $('a.btn-reopen');
diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb
index f45cac86f5a..80ba613054c 100644
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -38,6 +38,7 @@ class Projects::IssuesController < Projects::ApplicationController
before_action :authorize_create_merge_request_from!, only: [:create_merge_request]
before_action :authorize_import_issues!, only: [:import_csv]
+ before_action :authorize_download_code!, only: [:related_branches]
before_action :set_suggested_issues_feature_flags, only: [:new]
diff --git a/app/views/projects/issues/show.html.haml b/app/views/projects/issues/show.html.haml
index f048fb91304..277a28c8fe5 100644
--- a/app/views/projects/issues/show.html.haml
+++ b/app/views/projects/issues/show.html.haml
@@ -74,8 +74,9 @@
#merge-requests{ data: { url: referenced_merge_requests_project_issue_path(@project, @issue) } }
// This element is filled in using JavaScript.
- #related-branches{ data: { url: related_branches_project_issue_path(@project, @issue) } }
- // This element is filled in using JavaScript.
+ - if can?(current_user, :download_code, @project)
+ #related-branches{ data: { url: related_branches_project_issue_path(@project, @issue) } }
+ // This element is filled in using JavaScript.
.content-block.emoji-block.emoji-block-sticky
.row
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-11 16:46:40 +0300