Welcome to mirror list, hosted at ThFree Co, Russian Federation.

gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/app/policies/base_policy.rb
AgeCommit message (Collapse)Author
2020-04-03Add latest changes from gitlab-org/gitlab@masterGitLab Bot
2020-02-06Add latest changes from gitlab-org/gitlab@masterGitLab Bot
2020-01-31Add latest changes from gitlab-org/gitlab@masterGitLab Bot
2019-12-17Add latest changes from gitlab-org/gitlab@masterGitLab Bot
2019-11-06Add latest changes from gitlab-org/gitlab@masterGitLab Bot
2019-10-10Add latest changes from gitlab-org/gitlab@masterGitLab Bot
2019-09-26Add latest changes from gitlab-org/gitlab@masterGitLab Bot
2019-09-13Add latest changes from gitlab-org/gitlab@masterGitLab Bot
2019-06-05preventing blocked users and their PipelineSchdules from creating new Pipelinesdrew cimino
updated several specs and factories to accomodate new permissions
2019-04-09Move Contribution Analytics related spec in ↵Imre Farkas
spec/features/groups/group_page_with_external_authorization_service_spec to EE
2019-04-05Revert "Merge branch 'if-57131-external_auth_to_ce' into 'master'"Andreas Brandl
This reverts merge request !26823
2019-04-05Move Contribution Analytics related spec in ↵Imre Farkas
spec/features/groups/group_page_with_external_authorization_service_spec to EE
2019-01-07Make ProjectSnippetPolicy EE-readyRémy Coutable
Signed-off-by: Rémy Coutable <remy@rymai.me>
2018-07-24Enable frozen string in presenters and policiesgfyoung
Enable frozen string in: * app/presenters * app/policies Partially addresses #47424.
2018-02-22Port `read_cross_project` ability from EEBob Van Landuyt
2017-08-31`current_application_settings` belongs on `Gitlab::CurrentSettings`Sean McGivern
The initializers including this were doing so at the top level, so every object loaded after them had a `current_application_settings` method. However, if someone had rack-attack enabled (which was loaded before these initializers), it would try to load the API, and fail, because `Gitlab::CurrentSettings` didn't have that method. To fix this: 1. Don't include `Gitlab::CurrentSettings` at the top level. We do not need `Object.new.current_application_settings` to work. 2. Make `Gitlab::CurrentSettings` explicitly `extend self`, as we already use it like that in several places. 3. Change the initializers to use that new form.
2017-06-30Merge remote-tracking branch 'origin/master' into ↵Timothy Andrew
34141-allow-unauthenticated-access-to-the-users-api - Modify policy code to work with the `DeclarativePolicy` refactor in 37c401433b76170f0150d70865f1f4584db01fa8.
2017-06-30Implement review comments for !12445 from @godfat and @rymai.Timothy Andrew
- Use `GlobalPolicy` to authorize the users that a non-authenticated user can fetch from `/api/v4/users`. We allow access if the `Gitlab::VisibilityLevel::PUBLIC` visibility level is not restricted. - Further, as before, `/api/v4/users` is only accessible to unauthenticated users if the `username` parameter is passed. - Turn off `authenticate!` for the `/api/v4/users` endpoint by matching on the actual route + method, rather than the description. - Change the type of `current_user` check in `UsersFinder` to be more compatible with EE.
2017-06-29bugfix: use `require_dependency` to bring in DeclarativePolicyhttp://jneen.net/
2017-06-27convert all the policies to DeclarativePolicyhttp://jneen.net/
2017-04-12Do not inherit build policy in pipeline policyGrzegorz Bizon
2017-03-09use a magic default :global symbol instead of nilhttp://jneen.net/
to make sure we mean the global permissions
2017-02-23Enable Rails/DelegateDouwe Maan
2017-01-18More improvements to presentersRémy Coutable
Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-01-18Handle presenters in BasePolicyRémy Coutable
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-08-31s/NB:/NOTE:/http://jneen.net/
2016-08-30implement RuleSet#size for testshttp://jneen.net/
2016-08-30factor out a RuleSet so that `delegate!` retains @cannothttp://jneen.net/
2016-08-30special-case blocked usershttp://jneen.net/
2016-08-30use the cached abilities in #delegate!http://jneen.net/
2016-08-30factor in global permissionshttp://jneen.net/
2016-08-30add automatic detection of the policy classhttp://jneen.net/
2016-08-30port CommitStatus/Buildhttp://jneen.net/
2016-08-30port issues to Issu{able,e}Policyhttp://jneen.net/
2016-08-30add support for anonymous abilitieshttp://jneen.net/
2016-08-30add policies, and factor out ProjectPolicyhttp://jneen.net/
    generated by cgit v1.2.3 (git 2.25.1) at 2024-09-02 20:58:45 +0300