diff options
Diffstat (limited to 'app/policies/project_member_policy.rb')
-rw-r--r-- | app/policies/project_member_policy.rb | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/app/policies/project_member_policy.rb b/app/policies/project_member_policy.rb index f2f18406bd3..ca33b95e523 100644 --- a/app/policies/project_member_policy.rb +++ b/app/policies/project_member_policy.rb @@ -5,14 +5,17 @@ class ProjectMemberPolicy < BasePolicy condition(:target_is_owner, scope: :subject) { @subject.user == @subject.project.owner } condition(:target_is_self) { @user && @subject.user == @user } + condition(:project_bot) { @subject.user&.project_bot? } rule { anonymous }.prevent_all rule { target_is_owner }.prevent_all - rule { can?(:admin_project_member) }.policy do + rule { ~project_bot & can?(:admin_project_member) }.policy do enable :update_project_member enable :destroy_project_member end + rule { project_bot & can?(:admin_project_member) }.enable :destroy_project_bot_member + rule { target_is_self }.enable :destroy_project_member end |