blob: 5baa96b37eec22bb9ad2894a79b9f37549ce7512 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
# frozen_string_literal: true
class IdentityProviderPolicy < BasePolicy
desc "Provider is SAML"
condition(:protected_provider, scope: :subject, score: 0) { @subject.to_s == 'saml' }
rule { anonymous }.prevent_all
rule { default }.policy do
enable :unlink
enable :link
end
rule { protected_provider }.prevent(:unlink)
end
# Added for JiHu
# https://gitlab.com/gitlab-org/gitlab/-/merge_requests/127672#note_1568398967
IdentityProviderPolicy.prepend_mod
|