Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/models/ability.rb
AgeCommit message (Collapse)Author
2018-05-04Backport of 4084-epics-username-autocompleteMario de la Ossa
2018-04-10Remove edit_note and update_note abilities in favor of admin_noteDouwe Maan
2018-02-22Port `read_cross_project` ability from EEBob Van Landuyt
2017-06-29bugfix: use `require_dependency` to bring in DeclarativePolicyhttp://jneen.net/
2017-06-27convert the special-case Ability methods to use policieshttp://jneen.net/
2017-06-27convert all the policies to DeclarativePolicyhttp://jneen.net/
2017-03-09use a magic default :global symbol instead of nilhttp://jneen.net/
to make sure we mean the global permissions
2017-01-25address commentsJarka Kadlecova
2017-01-19Support notes without projectJarka Kadlecova
2016-08-30factor out a RuleSet so that `delegate!` retains @cannothttp://jneen.net/
2016-08-30remove the rest of the dead codehttp://jneen.net/
2016-08-30take the dive - only use abilities from Policieshttp://jneen.net/
2016-08-30port UserPolicyhttp://jneen.net/
2016-08-30port runners, namespaces, group/project_membershttp://jneen.net/
2016-08-30trim more dead codehttp://jneen.net/
2016-08-30port groupshttp://jneen.net/
2016-08-30port personal snippetshttp://jneen.net/
2016-08-30trim dead codehttp://jneen.net/
2016-08-30add automatic detection of the policy classhttp://jneen.net/
2016-08-30port CommitStatus/Buildhttp://jneen.net/
2016-08-30add and use MergeRequestPolicyhttp://jneen.net/
2016-08-30port issues to Issu{able,e}Policyhttp://jneen.net/
2016-08-30add support for anonymous abilitieshttp://jneen.net/
2016-08-30add policies, and factor out ProjectPolicyhttp://jneen.net/
2016-08-30remove Ability.abilitieshttp://jneen.net/
2016-08-30make almost everything on Ability privatehttp://jneen.net/
2016-08-30don't double-cache project_abiliteshttp://jneen.net/
2016-08-30remove six, and use a Set insteadhttp://jneen.net/
2016-08-30re-enable the cyclomatic complexity checkerhttp://jneen.net/
2016-08-26Fix "Wiki" link not appearing in navigation for projects with external wikiAlejandro Rodríguez
2016-08-20Make Ability#project_abilities return unique values and fix countsStan Hu
2016-08-20Fix assorted rspec failures due to stale, cached user permissionsStan Hu
RequestStore is disabled in tests, but the Ability class was caching user permissions based on the user and project ID of previous test runs. Revise code to use RequestStore only if it is active.
2016-08-17Merge branch 'master' into diff-line-comment-vuejsConnor Shea
2016-08-17Move action to render board lists to `Projects::Boards::ListsController`Douglas Barbosa Alexandre
2016-08-17Turn board for public projects accessible to everyoneDouglas Barbosa Alexandre
2016-08-17Add authorization to issues board related controllersDouglas Barbosa Alexandre
2016-08-13Merge branch 'master' into diff-line-comment-vuejsDouwe Maan
2016-08-04Move abilities by subject class to a dedicated methodRémy Coutable
This will avoid lame conflicts when merging CE to EE Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-08-04Merge branch 'master' into diff-line-comment-vuejsDouwe Maan
# Conflicts: # app/models/discussion.rb # db/schema.rb
2016-07-29Method for returning issues readable by a userYorick Peterse
The method Ability.issues_readable_by_user takes a list of users and an optional user and returns an Array of issues readable by said user. This method in turn is used by Banzai::ReferenceParser::IssueParser#nodes_visible_to_user so this method no longer needs to get all the available abilities just to check if a user has the "read_issue" ability. To test this I benchmarked an issue with 222 comments on my development environment. Using these changes the time spent in nodes_visible_to_user was reduced from around 120 ms to around 40 ms.
2016-07-29Merge branch 'master' into diff-line-comment-vuejsDouwe Maan
# Conflicts: # db/schema.rb
2016-07-27Incorporate review commentsStan Hu
2016-07-27Optimize maximum user access level lookup in loading of notesStan Hu
NotesHelper#note_editable? and ProjectTeam#human_max_access currently take about 16% of the load time of an issue page. This MR preloads the maximum access level of users for all notes in issues and merge requests with several queries instead of one per user and caches the result in RequestStore.
2016-07-26Add access checks for diff note and discussion resolutionDouwe Maan
2016-07-20Fix a few nitpicksRémy Coutable
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-20Allow to disable user request access to groups/projectsFelipe Artur
2016-07-15Allow to access Container Registry for Public and Internal projectsKamil Trzcinski
2016-07-05Add a migration to remove requesters that are owners of their projectRémy Coutable
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-05Fix condition in Ability and start with cheaper checksRémy Coutable
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-07-05New :request_access ability to replace a ugly helperRémy Coutable
- Group / project members cannot request access - Group members cannot request access to a group's project This addresses an issue where project owners could request access to their own project, leading to UI inconsistency where their requester status would replace their owner status. Signed-off-by: Rémy Coutable <remy@rymai.me>
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-15 10:15:17 +0300