Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorYorick Peterse <yorickpeterse@gmail.com>2019-01-24 15:48:37 +0300
committerYorick Peterse <yorickpeterse@gmail.com>2019-01-24 15:48:40 +0300
commitf4ef3ed11a575f54a70712ae69c47c8b182f213c (patch)
tree85b1535e1e86822fd6fd52f0cb438fd11c3081a1 /lib
parente3eb245f1da5f66a402aaf87b67387e6c414223c (diff)
Merge branch 'security-2779-fix-email-comment-permissions-check-11-7' into 'security-11-7'
[11.7] Fix discussion replies permissions check See merge request gitlab/gitlabhq!2824 (cherry picked from commit 9b4e7708495abe1fc3d8dc7f8ab41cc86206fff4) d845ca7d Prevent comments by email when issue is locked
Diffstat (limited to 'lib')
-rw-r--r--lib/gitlab/email/handler/reply_processing.rb2
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/gitlab/email/handler/reply_processing.rb b/lib/gitlab/email/handler/reply_processing.rb
index ba9730d2685..d8f4be8ada1 100644
--- a/lib/gitlab/email/handler/reply_processing.rb
+++ b/lib/gitlab/email/handler/reply_processing.rb
@@ -56,7 +56,7 @@ module Gitlab
raise ProjectNotFound unless author.can?(:read_project, project)
end
- raise UserNotAuthorizedError unless author.can?(permission, project || noteable)
+ raise UserNotAuthorizedError unless author.can?(permission, try(:noteable) || project)
end
def verify_record!(record:, invalid_exception:, record_name:)
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-19 20:43:32 +0300