Skip to content
Snippets Groups Projects
Unverified Commit 2e0e2b22 authored by Timothy Andrew's avatar Timothy Andrew
Browse files

Backport changes from gitlab-org/gitlab-ee!998 

Some changes in EE for the auditor user feature need
to be backported to CE to avoid merge conflicts. This
commit encapsulates all these backports.
parent 4d11903d
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
app/policies/project_policy.rb
+ 28
19
View file @ 2e0e2b22
@@ -214,25 +214,7 @@ class ProjectPolicy < BasePolicy
def anonymous_rules
return unless project.public?
 
can! :read_project
can! :read_board
can! :read_list
can! :read_wiki
can! :read_label
can! :read_milestone
can! :read_project_snippet
can! :read_project_member
can! :read_merge_request
can! :read_note
can! :read_pipeline
can! :read_commit_status
can! :read_container_image
can! :download_code
can! :download_wiki_code
can! :read_cycle_analytics
# NOTE: may be overridden by IssuePolicy
can! :read_issue
base_readonly_access!
 
# Allow to read builds by anonymous user if guests are allowed
can! :read_build if project.public_builds?
@@ -265,4 +247,31 @@ class ProjectPolicy < BasePolicy
:"admin_#{name}"
]
end
private
# A base set of abilities for read-only users, which
# is then augmented as necessary for anonymous and other
# read-only users.
def base_readonly_access!
can! :read_project
can! :read_board
can! :read_list
can! :read_wiki
can! :read_label
can! :read_milestone
can! :read_project_snippet
can! :read_project_member
can! :read_merge_request
can! :read_note
can! :read_pipeline
can! :read_commit_status
can! :read_container_image
can! :download_code
can! :download_wiki_code
can! :read_cycle_analytics
# NOTE: may be overridden by IssuePolicy
can! :read_issue
end
end
app/policies/project_snippet_policy.rb
+ 1
1
View file @ 2e0e2b22
@@ -3,7 +3,7 @@ class ProjectSnippetPolicy < BasePolicy
can! :read_project_snippet if @subject.public?
return unless @user
 
if @user && @subject.author == @user || @user.admin?
if @user && (@subject.author == @user || @user.admin?)
can! :read_project_snippet
can! :update_project_snippet
can! :admin_project_snippet
app/views/projects/notes/_notes_with_form.html.haml
+ 1
1
View file @ 2e0e2b22
@@ -13,7 +13,7 @@
= image_tag avatar_icon(current_user), alt: current_user.to_reference, class: 'avatar s40'
.timeline-content.timeline-content-form
= render "projects/notes/form", view: diff_view
- else
- elsif !current_user
.disabled-comment.text-center
.disabled-comment-text.inline
Please
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment