diff options
author | Manoj MJ <mmj@gitlab.com> | 2019-06-19 10:08:56 +0300 |
---|---|---|
committer | James Lopez <james@gitlab.com> | 2019-06-19 10:08:56 +0300 |
commit | 53b17f030161ba2afade8fe3d41b849a7fa41a89 (patch) | |
tree | 9f911580f4bc5d78cb66ffe7e16d1f77f7d23f64 /lib | |
parent | 69e1bd389f3cb04d451900f981be646462ffd039 (diff) |
Add documentation and tests
This commit adds
- feature specs
- to test the ability of a user with "developer" permission
to delete tags in repositories.
- documentation
Diffstat (limited to 'lib')
-rw-r--r-- | lib/api/helpers.rb | 4 | ||||
-rw-r--r-- | lib/api/tags.rb | 4 | ||||
-rw-r--r-- | lib/gitlab/checks/tag_check.rb | 2 | ||||
-rw-r--r-- | lib/gitlab/user_access.rb | 2 |
4 files changed, 8 insertions, 4 deletions
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index 00bcf6b055b..fd258e3edbc 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -235,6 +235,10 @@ module API authorize! :push_code, user_project end + def authorize_admin_tag + authorize! :admin_tag, user_project + end + def authorize_admin_project authorize! :admin_project, user_project end diff --git a/lib/api/tags.rb b/lib/api/tags.rb index f5359fd316c..796b1450602 100644 --- a/lib/api/tags.rb +++ b/lib/api/tags.rb @@ -55,7 +55,7 @@ module API optional :release_description, type: String, desc: 'Specifying release notes stored in the GitLab database (deprecated in GitLab 11.7)' end post ':id/repository/tags' do - authorize_push_project + authorize_admin_tag result = ::Tags::CreateService.new(user_project, current_user) .execute(params[:tag_name], params[:ref], params[:message]) @@ -87,7 +87,7 @@ module API requires :tag_name, type: String, desc: 'The name of the tag' end delete ':id/repository/tags/:tag_name', requirements: TAG_ENDPOINT_REQUIREMENTS do - authorize_push_project + authorize_admin_tag tag = user_project.repository.find_tag(params[:tag_name]) not_found!('Tag') unless tag diff --git a/lib/gitlab/checks/tag_check.rb b/lib/gitlab/checks/tag_check.rb index 2a75c8059bd..ced0612a7a3 100644 --- a/lib/gitlab/checks/tag_check.rb +++ b/lib/gitlab/checks/tag_check.rb @@ -19,7 +19,7 @@ module Gitlab return unless tag_name logger.log_timed(LOG_MESSAGES[:tag_checks]) do - if tag_exists? && user_access.cannot_do_action?(:admin_project) + if tag_exists? && user_access.cannot_do_action?(:admin_tag) raise GitAccess::UnauthorizedError, ERROR_MESSAGES[:change_existing_tags] end end diff --git a/lib/gitlab/user_access.rb b/lib/gitlab/user_access.rb index 9ef23cf849f..097b502316e 100644 --- a/lib/gitlab/user_access.rb +++ b/lib/gitlab/user_access.rb @@ -45,7 +45,7 @@ module Gitlab if protected?(ProtectedTag, project, ref) protected_tag_accessible_to?(ref, action: :create) else - user.can?(:push_code, project) + user.can?(:admin_tag, project) end end |