Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/policies/base_policy.rb
diff options
context:
space:
mode:
Diffstat (limited to 'app/policies/base_policy.rb')
-rw-r--r--app/policies/base_policy.rb8
1 files changed, 3 insertions, 5 deletions
diff --git a/app/policies/base_policy.rb b/app/policies/base_policy.rb
index 18c23cbd13a..8f5c6957a20 100644
--- a/app/policies/base_policy.rb
+++ b/app/policies/base_policy.rb
@@ -21,10 +21,6 @@ class BasePolicy < DeclarativePolicy::Base
with_options scope: :user, score: 0
condition(:deactivated) { @user&.deactivated? }
- desc "User has access to all private groups & projects"
- with_options scope: :user, score: 0
- condition(:full_private_access) { @user&.full_private_access? }
-
with_options scope: :user, score: 0
condition(:external_user) { @user.nil? || @user.external? }
@@ -40,10 +36,12 @@ class BasePolicy < DeclarativePolicy::Base
::Gitlab::ExternalAuthorization.perform_check?
end
- rule { external_authorization_enabled & ~full_private_access }.policy do
+ rule { external_authorization_enabled & ~can?(:read_all_resources) }.policy do
prevent :read_cross_project
end
+ rule { admin }.enable :read_all_resources
+
rule { default }.enable :read_cross_project
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-09 02:17:36 +0300