From 5b6202cce1cf7ad5da1fcbfc4e089194311f205b Mon Sep 17 00:00:00 2001
From: Grzegorz Bizon <grzesiek.bizon@gmail.com>
Date: Thu, 6 Apr 2017 13:08:45 +0200
Subject: [PATCH] Do not show play action if user not allowed to run it

---
 lib/gitlab/ci/status/build/play.rb           |  2 +-
 spec/lib/gitlab/ci/status/build/play_spec.rb | 12 ++++++++++--
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/lib/gitlab/ci/status/build/play.rb b/lib/gitlab/ci/status/build/play.rb
index 3495b8d0448..29d0558a265 100644
--- a/lib/gitlab/ci/status/build/play.rb
+++ b/lib/gitlab/ci/status/build/play.rb
@@ -10,7 +10,7 @@ module Gitlab
           end
 
           def has_action?
-            can?(user, :update_build, subject)
+            can?(user, :update_build, subject) && subject.can_play?(user)
           end
 
           def action_icon
diff --git a/spec/lib/gitlab/ci/status/build/play_spec.rb b/spec/lib/gitlab/ci/status/build/play_spec.rb
index 6c97a4fe5ca..48aeb89e11f 100644
--- a/spec/lib/gitlab/ci/status/build/play_spec.rb
+++ b/spec/lib/gitlab/ci/status/build/play_spec.rb
@@ -17,9 +17,17 @@ describe Gitlab::Ci::Status::Build::Play do
 
     describe '#has_action?' do
       context 'when user is allowed to update build' do
-        before { build.project.team << [user, :developer] }
+        context 'when user can push to branch' do
+          before { build.project.add_master(user) }
 
-        it { is_expected.to have_action }
+          it { is_expected.to have_action }
+        end
+
+        context 'when user can not push to the branch' do
+          before { build.project.add_developer(user) }
+
+          it { is_expected.not_to have_action }
+        end
       end
 
       context 'when user is not allowed to update build' do
-- 
GitLab