diff options
author | Mark Chao <mchao@gitlab.com> | 2019-10-22 16:05:33 +0300 |
---|---|---|
committer | Dylan Griffith <dyl.griffith@gmail.com> | 2019-11-15 12:58:41 +0300 |
commit | f44727bba9a87e86634112a2a155f312cc543f7d (patch) | |
tree | 1de1b7e44661ea13b1d88b6623bd6b12a9adaee2 /app | |
parent | 1805f42b56f697d628b59f173d8813917eca974e (diff) |
Fix scope to handle private guest permission
Guest are blocked to certain feature when project is private,
therefore the scope would filter additionally with REPORTER level.
Diffstat (limited to 'app')
-rw-r--r-- | app/models/project.rb | 8 | ||||
-rw-r--r-- | app/models/project_feature.rb | 7 |
2 files changed, 14 insertions, 1 deletions
diff --git a/app/models/project.rb b/app/models/project.rb index 74da042d5a5..624a4c5d38f 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -516,7 +516,13 @@ class Project < ApplicationRecord # This scope returns projects where user has access to both the project and the feature. def self.filter_by_feature_visibility(feature, user) - with_feature_available_for_user(feature, user).public_or_visible_to_user(user) + scope = with_feature_available_for_user(feature, user) + + if ProjectFeature.guest_allowed_on_private_project?(feature) + scope.public_or_visible_to_user(user) + else + scope.public_or_visible_to_user(user, Gitlab::Access::REPORTER) + end end scope :active, -> { joins(:issues, :notes, :merge_requests).order('issues.created_at, notes.created_at, merge_requests.created_at DESC') } diff --git a/app/models/project_feature.rb b/app/models/project_feature.rb index 2013f620b5b..564e531c320 100644 --- a/app/models/project_feature.rb +++ b/app/models/project_feature.rb @@ -24,6 +24,7 @@ class ProjectFeature < ApplicationRecord FEATURES = %i(issues merge_requests wiki snippets builds repository pages).freeze PRIVATE_FEATURES_MIN_ACCESS_LEVEL = { merge_requests: Gitlab::Access::REPORTER }.freeze + FEATURES_ALLOWED_BY_GUEST_ON_PRIVATE_PROJECT = %i(issues wiki).freeze STRING_OPTIONS = HashWithIndifferentAccess.new({ 'disabled' => DISABLED, 'private' => PRIVATE, @@ -45,6 +46,12 @@ class ProjectFeature < ApplicationRecord "#{table}.#{attribute}" end + def guest_allowed_on_private_project?(feature) + feature = ensure_feature!(feature) + + FEATURES_ALLOWED_BY_GUEST_ON_PRIVATE_PROJECT.include?(feature) + end + def required_minimum_access_level(feature) feature = ensure_feature!(feature) |