| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2017-04-12 | Merge branch 'siemens/gitlab-ce-fix/subgroup-hide-button' into 'master' | Rémy Coutable | |
| Hide new subgroup button if user has no permission to create one Closes #30139 See merge request !10627 | |||
| 2017-04-11 | Move permission to create subgroup into GroupPolicy | Dmitriy Zaporozhets | |
| Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | |||
| 2017-03-28 | Use `:empty_project` where possible in policy specs | Robert Speicher | |
| 2017-03-09 | spec the new behavior of .class_for | http://jneen.net/ | |
| and more robustly spec the ancestor behavior | |||
| 2017-03-07 | Improve pipeline triggers UI | Kamil Trzciński | |
| 2017-02-24 | Don't allow deleting a ghost user. | Timothy Andrew | |
| - Add a `destroy_user` ability. This didn't exist before, and was implicit in other abilities (only admins could access the admin area, so only they could destroy all users; a user can only access their own account page, and so can destroy only themselves). - Grant this ability to admins, and when the current user is trying to destroy themselves. Disallow destroying ghost users in all cases. - Modify the `Users::DestroyService` to check this ability. Also check it in views to decide whether or not to show the "Delete User" button. - Add a short summary of the Ghost User to the bio. | |||
| 2017-02-07 | More backport | Douwe Maan | |
| 2017-01-23 | Fix build access policies when pipelines are public | Grzegorz Bizon | |
| 2017-01-18 | More improvements to presenters | Rémy Coutable | |
| Signed-off-by: Rémy Coutable <remy@rymai.me> | |||
| 2017-01-18 | Handle presenters in BasePolicy | Rémy Coutable | |
| Signed-off-by: Rémy Coutable <remy@rymai.me> | |||
| 2016-12-26 | Include group parents into read access for project and group | Dmitriy Zaporozhets | |
| Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | |||
| 2016-12-15 | Add missing group policy spec | Dmitriy Zaporozhets | |
| Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | |||
| 2016-12-04 | Update effected tests | Z.J. van de Weg | |
| 2016-12-04 | Guests can read builds if those are public | Z.J. van de Weg | |
| Fixes #18448 | |||
| 2016-11-30 | Improve ProjectPolicy spec to check permissions when wiki is disabled | Douglas Barbosa Alexandre | |
| 2016-11-07 | Added tests for IssuePolicy | Yorick Peterse | |
| 2016-11-01 | Allow owners to fetch source code in CI builds | Kamil Trzcinski | |
| Due to different way of handling owners of a project, they were not allowed to fetch CI sources for project. | |||
| 2016-10-28 | Add specs for a user from a group link | Sean McGivern | |
| 2016-10-28 | Fix project member access for group links | Sean McGivern | |
| `ProjectTeam#find_member` doesn't take group links into account. It was used in two places: 1. An admin view - it can stay here. 2. `ProjectTeam#member?`, which is often used to decide if a user has access to view something. This second part broke confidential issues viewing. `IssuesFinder` ends up delegating to `Project#authorized_for_user?`, which does consider group links, so users with access to the project via a group link could see confidential issues on the index page. However, `IssuesPolicy` used `ProjectTeam#member?`, so the same user couldn't view the issue when going to it directly. | |||
| 2016-10-11 | Make guests unable to view MRs | Valery Sizov | |
| 2016-10-07 | Improve project policy spec | Alejandro Rodríguez | |
| 2016-09-20 | Test if issue authors can access private projects | Felipe Artur | |
| 2016-08-30 | add project_policy_spec to replace .project_abilities spec | http://jneen.net/ | |
Welcome to mirror list, hosted at ThFree Co, Russian Federation.
 |
index : gitlab.com/gitlab-org/gitlab-foss.git | |
| Unnamed repository; edit this file 'description' to name the repository. | root |
| summaryrefslogtreecommitdiff |