Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--CHANGELOG1
-rw-r--r--app/models/ability.rb54
2 files changed, 32 insertions, 23 deletions
diff --git a/CHANGELOG b/CHANGELOG
index 9fe1e8c90c7..cc39373fd44 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,6 +1,7 @@
Please view this file on the master branch, on stable branches it's out of date.
v 7.14.0 (unreleased)
+ - Fix access to disabled features for unauthenticated users (Daniel Gerhardt)
- Fix OAuth provider bug where GitLab would not go return to the redirect_uri after sign-in (Stan Hu)
- Fix file upload dialog for comment editing (Daniel Gerhardt)
- Expire Rails cache entries after two weeks to prevent endless Redis growth
diff --git a/app/models/ability.rb b/app/models/ability.rb
index d3631d49ec6..6cffc46cec3 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -31,7 +31,7 @@ class Ability
end
if project && project.public?
- [
+ rules = [
:read_project,
:read_wiki,
:read_issue,
@@ -42,6 +42,8 @@ class Ability
:read_note,
:download_code
]
+
+ rules - project_disabled_features_rules(project)
else
group = if subject.kind_of?(Group)
subject
@@ -102,28 +104,7 @@ class Ability
rules -= project_archived_rules
end
- unless project.issues_enabled
- rules -= named_abilities('issue')
- end
-
- unless project.merge_requests_enabled
- rules -= named_abilities('merge_request')
- end
-
- unless project.issues_enabled or project.merge_requests_enabled
- rules -= named_abilities('label')
- rules -= named_abilities('milestone')
- end
-
- unless project.snippets_enabled
- rules -= named_abilities('project_snippet')
- end
-
- unless project.wiki_enabled
- rules -= named_abilities('wiki')
- end
-
- rules
+ rules - project_disabled_features_rules(project)
end
end
@@ -205,6 +186,33 @@ class Ability
]
end
+ def project_disabled_features_rules(project)
+ rules = []
+
+ unless project.issues_enabled
+ rules += named_abilities('issue')
+ end
+
+ unless project.merge_requests_enabled
+ rules += named_abilities('merge_request')
+ end
+
+ unless project.issues_enabled or project.merge_requests_enabled
+ rules += named_abilities('label')
+ rules += named_abilities('milestone')
+ end
+
+ unless project.snippets_enabled
+ rules += named_abilities('project_snippet')
+ end
+
+ unless project.wiki_enabled
+ rules += named_abilities('wiki')
+ end
+
+ rules
+ end
+
def group_abilities(user, group)
rules = []
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-10 10:27:01 +0300