From 78a4412d00e57068b9e375ea138e837771620fa0 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Wed, 28 Jun 2023 19:29:09 +0000
Subject: Add latest changes from gitlab-org/security/gitlab@16-1-stable-ee

---
 app/policies/project_policy.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app')

diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index cdb7c3eca46..c70dc288710 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -670,7 +670,7 @@ class ProjectPolicy < BasePolicy
     enable :read_project_for_iids
   end
 
-  rule { ~project_allowed_for_job_token }.prevent_all
+  rule { ~public_project & ~internal_access & ~project_allowed_for_job_token }.prevent_all
 
   rule { can?(:public_access) }.policy do
     enable :read_package
-- 
cgit v1.2.3