
gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
Diffstat (limited to 'app/services/members/destroy_service.rb')
-rw-r--r--app/services/members/destroy_service.rb11
1 files changed, 10 insertions, 1 deletions
diff --git a/app/services/members/destroy_service.rb b/app/services/members/destroy_service.rb
index bb2d419c046..0a8344c58db 100644
--- a/app/services/members/destroy_service.rb
+++ b/app/services/members/destroy_service.rb
@@ -3,7 +3,12 @@
module Members
class DestroyService < Members::BaseService
def execute(member, skip_authorization: false, skip_subresources: false, unassign_issuables: false, destroy_bot: false)
- raise Gitlab::Access::AccessDeniedError unless skip_authorization || authorized?(member, destroy_bot)
+ unless skip_authorization
+ raise Gitlab::Access::AccessDeniedError unless authorized?(member, destroy_bot)
+
+ raise Gitlab::Access::AccessDeniedError if destroying_member_with_owner_access_level?(member) &&
+ cannot_revoke_owner_responsibilities_from_member_in_project?(member)
+ end
@skip_auth = skip_authorization
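Review bot: The new owner-revocation guard sits inside `unless skip_authorization`, so every caller that passes `skip_authorization: true` bypasses it together with `authorized?`. If that is intended, say so above the block, for example `# skip_authorization bypasses the permission check and the owner-revocation guard; the caller must already have authorized this removal`, so that those call sites get audited. `cannot_revoke_owner_responsibilities_from_member_in_project?` is not defined in the visible hunks (presumably it is inherited from `Members::BaseService`), so its behaviour for a `GroupMember` cannot be confirmed from this diff and is worth a spec. The modifier `if` with a condition continued over two lines is easy to misread in an authorization path; a block `if ... raise ... end` would be clearer, and `destroying_member_with_owner_access_level?` in the second hunk only wraps `member.owner?`, which could be called directly. The body of `execute` continues outside the hunk.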
@@ -90,6 +95,10 @@ module Members
can?(current_user, destroy_bot_member_permission(member), member)
end
+ def destroying_member_with_owner_access_level?(member)
+ member.owner?
+ end
+
def destroy_member_permission(member)
case member
when GroupMember