From 5564275a0b378298dc6281599cbfe71a937109ff Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Thu, 6 Feb 2020 12:10:29 +0000
Subject: Add latest changes from gitlab-org/gitlab@master

---
 app/policies/base_policy.rb           | 3 +++
 app/policies/concerns/policy_actor.rb | 4 ++++
 app/policies/project_policy.rb        | 2 ++
 3 files changed, 9 insertions(+)

(limited to 'app/policies')

diff --git a/app/policies/base_policy.rb b/app/policies/base_policy.rb
index c93a19bdc3d..ce3e5b0195c 100644
--- a/app/policies/base_policy.rb
+++ b/app/policies/base_policy.rb
@@ -44,6 +44,9 @@ class BasePolicy < DeclarativePolicy::Base
     ::Gitlab::ExternalAuthorization.perform_check?
   end
 
+  with_options scope: :user, score: 0
+  condition(:alert_bot) { @user&.alert_bot? }
+
   rule { external_authorization_enabled & ~can?(:read_all_resources) }.policy do
     prevent :read_cross_project
   end
diff --git a/app/policies/concerns/policy_actor.rb b/app/policies/concerns/policy_actor.rb
index b963a64b429..406677d7b56 100644
--- a/app/policies/concerns/policy_actor.rb
+++ b/app/policies/concerns/policy_actor.rb
@@ -33,6 +33,10 @@ module PolicyActor
   def can_create_group
     false
   end
+
+  def alert_bot?
+    false
+  end
 end
 
 PolicyActor.prepend_if_ee('EE::PolicyActor')
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index bbcb3c637a9..ee22a2d84e7 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -515,6 +515,8 @@ class ProjectPolicy < BasePolicy
   end
 
   def lookup_access_level!
+    return ::Gitlab::Access::REPORTER if alert_bot?
+
     # NOTE: max_member_access has its own cache
     project.team.max_member_access(@user.id)
   end
-- 
cgit v1.2.3