diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb
index 69bd1f58449d64449ddd36a50fc0a48f906359f8..bfafdeeb1fb81e10556e9ef5c107415475375b47 100644
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -6,10 +6,10 @@ class Projects::IssuesController < Projects::ApplicationController
before_action :authorize_read_issue!
# Allow write(create) issue
- before_action :authorize_write_issue!, only: [:new, :create]
+ before_action :authorize_create_issue!, only: [:new, :create]
# Allow modify issue
- before_action :authorize_modify_issue!, only: [:edit, :update]
+ before_action :authorize_update_issue!, only: [:edit, :update]
# Allow issues bulk update
before_action :authorize_admin_issues!, only: [:bulk_update]
@@ -122,8 +122,8 @@ class Projects::IssuesController < Projects::ApplicationController
end
end
- def authorize_modify_issue!
- return render_404 unless can?(current_user, :modify_issue, @issue)
+ def authorize_update_issue!
+ return render_404 unless can?(current_user, :update_issue, @issue)
end
def authorize_admin_issues!
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
index a13688305b73375726a1ae041d6fd68362fda873..d12651983187b65eb4a14e88704a1ea49a33b332 100644
--- a/app/controllers/projects/merge_requests_controller.rb
+++ b/app/controllers/projects/merge_requests_controller.rb
@@ -14,10 +14,10 @@ class Projects::MergeRequestsController < Projects::ApplicationController
before_action :authorize_read_merge_request!
# Allow write(create) merge_request
- before_action :authorize_write_merge_request!, only: [:new, :create]
+ before_action :authorize_create_merge_request!, only: [:new, :create]
# Allow modify merge_request
- before_action :authorize_modify_merge_request!, only: [:close, :edit, :update, :sort]
+ before_action :authorize_update_merge_request!, only: [:close, :edit, :update, :sort]
def index
terms = params['issue_search']
@@ -218,8 +218,8 @@ class Projects::MergeRequestsController < Projects::ApplicationController
@closes_issues ||= @merge_request.closes_issues
end
- def authorize_modify_merge_request!
- return render_404 unless can?(current_user, :modify_merge_request, @merge_request)
+ def authorize_update_merge_request!
+ return render_404 unless can?(current_user, :update_merge_request, @merge_request)
end
def authorize_admin_merge_request!
diff --git a/app/controllers/projects/notes_controller.rb b/app/controllers/projects/notes_controller.rb
index f3e521adb696e3f2c4bfbaa0722b2443b2943b8b..c4a87e9dbd824a85b222991ec2d0523b4a2057f0 100644
--- a/app/controllers/projects/notes_controller.rb
+++ b/app/controllers/projects/notes_controller.rb
@@ -1,7 +1,7 @@
class Projects::NotesController < Projects::ApplicationController
# Authorize
before_action :authorize_read_note!
- before_action :authorize_write_note!, only: [:create]
+ before_action :authorize_create_note!, only: [:create]
before_action :authorize_admin_note!, only: [:update, :destroy]
before_action :find_current_user_notes, except: [:destroy, :delete_attachment]
diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb
index 3d75abcc29d5171912058796b0d93c0e66561288..643066374230cc5038b21410659073d0af473517 100644
--- a/app/controllers/projects/snippets_controller.rb
+++ b/app/controllers/projects/snippets_controller.rb
@@ -6,10 +6,10 @@ class Projects::SnippetsController < Projects::ApplicationController
before_action :authorize_read_project_snippet!
# Allow write(create) snippet
- before_action :authorize_write_project_snippet!, only: [:new, :create]
+ before_action :authorize_create_project_snippet!, only: [:new, :create]
# Allow modify snippet
- before_action :authorize_modify_project_snippet!, only: [:edit, :update]
+ before_action :authorize_update_project_snippet!, only: [:edit, :update]
# Allow destroy snippet
before_action :authorize_admin_project_snippet!, only: [:destroy]
@@ -75,8 +75,8 @@ class Projects::SnippetsController < Projects::ApplicationController
@snippet ||= @project.snippets.find(params[:id])
end
- def authorize_modify_project_snippet!
- return render_404 unless can?(current_user, :modify_project_snippet, @snippet)
+ def authorize_update_project_snippet!
+ return render_404 unless can?(current_user, :update_project_snippet, @snippet)
end
def authorize_admin_project_snippet!
diff --git a/app/controllers/projects/wikis_controller.rb b/app/controllers/projects/wikis_controller.rb
index 36ef86e190973374af9fab4cfcf1675e4c067e2a..50512cb6dc359769c3932e3b85ba8d9300e89b78 100644
--- a/app/controllers/projects/wikis_controller.rb
+++ b/app/controllers/projects/wikis_controller.rb
@@ -2,7 +2,7 @@ require 'project_wiki'
class Projects::WikisController < Projects::ApplicationController
before_action :authorize_read_wiki!
- before_action :authorize_write_wiki!, only: [:edit, :create, :history]
+ before_action :authorize_create_wiki!, only: [:edit, :create, :history]
before_action :authorize_admin_wiki!, only: :destroy
before_action :load_project_wiki
include WikiHelper
@@ -28,7 +28,7 @@ class Projects::WikisController < Projects::ApplicationController
)
end
else
- return render('empty') unless can?(current_user, :write_wiki, @project)
+ return render('empty') unless can?(current_user, :create_wiki, @project)
@page = WikiPage.new(@project_wiki)
@page.title = params[:id]
@@ -43,7 +43,7 @@ class Projects::WikisController < Projects::ApplicationController
def update
@page = @project_wiki.find_page(params[:id])
- return render('empty') unless can?(current_user, :write_wiki, @project)
+ return render('empty') unless can?(current_user, :create_wiki, @project)
if @page.update(content, format, message)
redirect_to(
diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb
index cf672c5c0932b05b8a34d20aaed6e8a09460c98f..8e7e45c781f53a43b2baa58399a21a42fe117393 100644
--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -2,7 +2,7 @@ class SnippetsController < ApplicationController
before_action :snippet, only: [:show, :edit, :destroy, :update, :raw]
# Allow modify snippet
- before_action :authorize_modify_snippet!, only: [:edit, :update]
+ before_action :authorize_update_snippet!, only: [:edit, :update]
# Allow destroy snippet
before_action :authorize_admin_snippet!, only: [:destroy]
@@ -87,8 +87,8 @@ class SnippetsController < ApplicationController
end
end
- def authorize_modify_snippet!
- return render_404 unless can?(current_user, :modify_personal_snippet, @snippet)
+ def authorize_update_snippet!
+ return render_404 unless can?(current_user, :update_personal_snippet, @snippet)
end
def authorize_admin_snippet!
diff --git a/app/models/ability.rb b/app/models/ability.rb
index c90c99c5b5f952d476ff2f12fd92437382af7d8f..3ee3a7857ee11dc27a89954f5f439ce0132398f9 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -68,6 +68,7 @@ class Ability
def project_abilities(user, project)
rules = []
key = "/user/#{user.id}/project/#{project.id}"
+
RequestStore.store[key] ||= begin
team = project.team
@@ -144,9 +145,9 @@ class Ability
:read_project_member,
:read_merge_request,
:read_note,
- :write_project,
- :write_issue,
- :write_note
+ :create_project,
+ :create_issue,
+ :create_note
]
end
@@ -154,15 +155,15 @@ class Ability
project_guest_rules + [
:download_code,
:fork_project,
- :write_project_snippet
+ :create_project_snippet
]
end
def project_dev_rules
project_report_rules + [
- :write_merge_request,
- :write_wiki,
- :modify_issue,
+ :create_merge_request,
+ :create_wiki,
+ :update_issue,
:admin_issue,
:admin_label,
:push_code
@@ -171,10 +172,10 @@ class Ability
def project_archived_rules
[
- :write_merge_request,
+ :create_merge_request,
:push_code,
:push_code_to_protected_branches,
- :modify_merge_request,
+ :update_merge_request,
:admin_merge_request
]
end
@@ -182,9 +183,8 @@ class Ability
def project_master_rules
project_dev_rules + [
:push_code_to_protected_branches,
- :modify_issue,
- :modify_project_snippet,
- :modify_merge_request,
+ :update_project_snippet,
+ :update_merge_request,
:admin_milestone,
:admin_project_snippet,
:admin_project_member,
@@ -244,30 +244,40 @@ class Ability
rules.flatten
end
- [:issue, :note, :project_snippet, :personal_snippet, :merge_request].each do |name|
+
+ [:issue, :merge_request].each do |name|
define_method "#{name}_abilities" do |user, subject|
- if subject.author == user || user.is_admin?
- rules = [
+ rules = []
+
+ if subject.author == user || (subject.respond_to?(:assignee) && subject.assignee == user)
+ rules += [
:"read_#{name}",
- :"write_#{name}",
- :"modify_#{name}",
- :"admin_#{name}"
+ :"update_#{name}",
]
- rules.push(:change_visibility_level) if subject.is_a?(Snippet)
- rules
- elsif subject.respond_to?(:assignee) && subject.assignee == user
- [
+ end
+
+ rules += project_abilities(user, subject.project)
+ rules
+ end
+ end
+
+ [:note, :project_snippet, :personal_snippet].each do |name|
+ define_method "#{name}_abilities" do |user, subject|
+ rules = []
+
+ if subject.author == user
+ rules += [
:"read_#{name}",
- :"write_#{name}",
- :"modify_#{name}",
+ :"update_#{name}",
+ :"admin_#{name}"
]
- else
- if subject.respond_to?(:project) && subject.project
- project_abilities(user, subject.project)
- else
- []
- end
end
+
+ if subject.respond_to?(:project) && subject.project
+ rules += project_abilities(user, subject.project)
+ end
+
+ rules
end
end
@@ -276,13 +286,16 @@ class Ability
target_user = subject.user
group = subject.group
can_manage = group_abilities(user, group).include?(:admin_group)
+
if can_manage && (user != target_user)
- rules << :modify_group_member
+ rules << :update_group_member
rules << :destroy_group_member
end
+
if !group.last_owner?(user) && (can_manage || (user == target_user))
rules << :destroy_group_member
end
+
rules
end
@@ -299,8 +312,8 @@ class Ability
def named_abilities(name)
[
:"read_#{name}",
- :"write_#{name}",
- :"modify_#{name}",
+ :"create_#{name}",
+ :"update_#{name}",
:"admin_#{name}"
]
end
diff --git a/app/services/issues/bulk_update_service.rb b/app/services/issues/bulk_update_service.rb
index eb07413ee9439e393b266049fc9aa2d3c9f1ec8e..de8387c49008c76b78344668495964385fdc4302 100644
--- a/app/services/issues/bulk_update_service.rb
+++ b/app/services/issues/bulk_update_service.rb
@@ -10,7 +10,7 @@ module Issues
issues = Issue.where(id: issues_ids)
issues.each do |issue|
- next unless can?(current_user, :modify_issue, issue)
+ next unless can?(current_user, :update_issue, issue)
Issues::UpdateService.new(issue.project, current_user, issue_params).execute(issue)
end
diff --git a/app/services/update_snippet_service.rb b/app/services/update_snippet_service.rb
index 9d181c2d2aba1d3edaaa84cbe37c129105feea2a..e9328bb7323a3daafaf406d98c1be86334fa74b3 100644
--- a/app/services/update_snippet_service.rb
+++ b/app/services/update_snippet_service.rb
@@ -9,9 +9,9 @@ class UpdateSnippetService < BaseService
def execute
# check that user is allowed to set specified visibility_level
new_visibility = params[:visibility_level]
+
if new_visibility && new_visibility.to_i != snippet.visibility_level
- unless can?(current_user, :change_visibility_level, snippet) &&
- Gitlab::VisibilityLevel.allowed_for?(current_user, new_visibility)
+ unless Gitlab::VisibilityLevel.allowed_for?(current_user, new_visibility)
deny_visibility_level(snippet, new_visibility)
return snippet
end
diff --git a/app/views/groups/group_members/_group_member.html.haml b/app/views/groups/group_members/_group_member.html.haml
index ec39a755f0f2a736030a89c4a74805f215415aa5..b460e0ff59ea6065fa1087af27b35bbe9d97a8ec 100644
--- a/app/views/groups/group_members/_group_member.html.haml
+++ b/app/views/groups/group_members/_group_member.html.haml
@@ -32,7 +32,7 @@
%span.pull-right
%strong= member.human_access
- if show_controls
- - if can?(current_user, :modify_group_member, member)
+ - if can?(current_user, :update_group_member, member)
= button_tag class: "btn-xs btn js-toggle-button",
title: 'Edit access level', type: 'button' do
%i.fa.fa-pencil-square-o
diff --git a/app/views/projects/_aside.html.haml b/app/views/projects/_aside.html.haml
index 86a807a0caef79c615346d65e673d5109946bc3d..72aea8814f57255deb31c7e0e35c8c2d31bc40de 100644
--- a/app/views/projects/_aside.html.haml
+++ b/app/views/projects/_aside.html.haml
@@ -22,11 +22,11 @@
Contribution guide
.actions
- - if can? current_user, :write_issue, @project
+ - if can? current_user, :create_issue, @project
= link_to url_for_new_issue(@project, only_path: true), title: "New Issue", class: 'btn btn-sm append-right-10' do
New Issue
- - if can? current_user, :write_merge_request, @project
+ - if can? current_user, :create_merge_request, @project
= link_to new_namespace_project_merge_request_path(@project.namespace, @project), class: "btn btn-sm", title: "New Merge Request" do
New Merge Request
diff --git a/app/views/projects/diffs/_parallel_view.html.haml b/app/views/projects/diffs/_parallel_view.html.haml
index cb41dd852d35254860aca602b4e311e830f0d49f..37fd1b1ec8a34d4ce6a276f4e38e681af01164a0 100644
--- a/app/views/projects/diffs/_parallel_view.html.haml
+++ b/app/views/projects/diffs/_parallel_view.html.haml
@@ -18,7 +18,7 @@
- elsif type_left == 'old' || type_left.nil?
%td.old_line{id: line_code_left, class: "#{type_left}"}
= link_to raw(line_number_left), "##{line_code_left}", id: line_code_left
- - if @comments_allowed && can?(current_user, :write_note, @project)
+ - if @comments_allowed && can?(current_user, :create_note, @project)
= link_to_new_diff_note(line_code_left, 'old')
%td.line_content{class: "parallel noteable_line #{type_left} #{line_code_left}", "line_code" => line_code_left }= raw line_content_left
@@ -31,7 +31,7 @@
%td.new_line{id: new_line_code, class: "#{new_line_class}", data: { linenumber: line_number_right }}
= link_to raw(line_number_right), "##{new_line_code}", id: new_line_code
- - if @comments_allowed && can?(current_user, :write_note, @project)
+ - if @comments_allowed && can?(current_user, :create_note, @project)
= link_to_new_diff_note(line_code_right, 'new')
%td.line_content.parallel{class: "noteable_line #{new_line_class} #{new_line_code}", "line_code" => new_line_code}= raw line_content_right
diff --git a/app/views/projects/diffs/_text_file.html.haml b/app/views/projects/diffs/_text_file.html.haml
index a6373181b45f7084c84eb0defe662e80182fa2d1..ed4c601bcdbab7404154b9b12a88513addccde00 100644
--- a/app/views/projects/diffs/_text_file.html.haml
+++ b/app/views/projects/diffs/_text_file.html.haml
@@ -16,7 +16,7 @@
- else
%td.old_line
= link_to raw(type == "new" ? " " : line_old), "##{line_code}", id: line_code
- - if @comments_allowed && can?(current_user, :write_note, @project)
+ - if @comments_allowed && can?(current_user, :create_note, @project)
= link_to_new_diff_note(line_code)
%td.new_line{data: {linenumber: line.new_pos}}
= link_to raw(type == "old" ? " " : line.new_pos) , "##{line_code}", id: line_code
diff --git a/app/views/projects/issues/_discussion.html.haml b/app/views/projects/issues/_discussion.html.haml
index a099e5972945a0556515481e4d4f8ad398d5cc3d..f61ae95720819c8b0c1e7e868ec7e946b113e901 100644
--- a/app/views/projects/issues/_discussion.html.haml
+++ b/app/views/projects/issues/_discussion.html.haml
@@ -1,5 +1,5 @@
- content_for :note_actions do
- - if can?(current_user, :modify_issue, @issue)
+ - if can?(current_user, :update_issue, @issue)
- if @issue.closed?
= link_to 'Reopen Issue', issue_path(@issue, issue: {state_event: :reopen}, status_only: true), method: :put, class: 'btn btn-grouped btn-reopen js-note-target-reopen', title: 'Reopen Issue'
- else
diff --git a/app/views/projects/issues/index.html.haml b/app/views/projects/issues/index.html.haml
index 2785ff25e69db688af556b22fe92dcf7d53084bd..d06225f5488e2e4a487d7468337595b7f46ccdd4 100644
--- a/app/views/projects/issues/index.html.haml
+++ b/app/views/projects/issues/index.html.haml
@@ -13,7 +13,7 @@
= render 'shared/issuable/search_form', path: namespace_project_issues_path(@project.namespace, @project)
- - if can? current_user, :write_issue, @project
+ - if can? current_user, :create_issue, @project
= link_to new_namespace_project_issue_path(@project.namespace, @project, issue: { assignee_id: @issuable_finder.assignee.try(:id), milestone_id: @issuable_finder.milestones.try(:first).try(:id) }), class: "btn btn-new pull-left", title: "New Issue", id: "new_issue_link" do
%i.fa.fa-plus
New Issue
diff --git a/app/views/projects/issues/show.html.haml b/app/views/projects/issues/show.html.haml
index 5bbb1fd4e92623a1ca93d2a2ae5b337f41090c30..54d33a5ddd13eca178666232fd577dd9e79e4a66 100644
--- a/app/views/projects/issues/show.html.haml
+++ b/app/views/projects/issues/show.html.haml
@@ -12,11 +12,11 @@
· created by #{link_to_member(@project, @issue.author)} #{issue_timestamp(@issue)}
.pull-right
- - if can?(current_user, :write_issue, @project)
+ - if can?(current_user, :create_issue, @project)
= link_to new_namespace_project_issue_path(@project.namespace, @project), class: 'btn btn-grouped new-issue-link', title: 'New Issue', id: 'new_issue_link' do
= icon('plus')
New Issue
- - if can?(current_user, :modify_issue, @issue)
+ - if can?(current_user, :update_issue, @issue)
- if @issue.closed?
= link_to 'Reopen', issue_path(@issue, issue: {state_event: :reopen}, status_only: true), method: :put, class: 'btn btn-grouped btn-reopen'
- else
@@ -31,7 +31,7 @@
= gfm escape_once(@issue.title)
%div
- if @issue.description.present?
- .description{class: can?(current_user, :modify_issue, @issue) ? 'js-task-list-container' : ''}
+ .description{class: can?(current_user, :update_issue, @issue) ? 'js-task-list-container' : ''}
.wiki
= preserve do
= markdown(@issue.description)
diff --git a/app/views/projects/merge_requests/_discussion.html.haml b/app/views/projects/merge_requests/_discussion.html.haml
index 76088b9c862c51b8e3ec98054af5c78db9055af9..f855dfec3218d11263dd6384b8ec25a2595d059d 100644
--- a/app/views/projects/merge_requests/_discussion.html.haml
+++ b/app/views/projects/merge_requests/_discussion.html.haml
@@ -1,5 +1,5 @@
- content_for :note_actions do
- - if can?(current_user, :modify_merge_request, @merge_request)
+ - if can?(current_user, :update_merge_request, @merge_request)
- if @merge_request.open?
= link_to 'Close', merge_request_path(@merge_request, merge_request: {state_event: :close }), method: :put, class: "btn btn-grouped btn-close close-mr-link js-note-target-close", title: "Close merge request"
- if @merge_request.closed?
diff --git a/app/views/projects/merge_requests/index.html.haml b/app/views/projects/merge_requests/index.html.haml
index 750cc3e6eea4e8cfdcdf16a1a94692c40357f092..e0bc1df97ee1f00dcc40bbdd3295de5ec3d1ba3f 100644
--- a/app/views/projects/merge_requests/index.html.haml
+++ b/app/views/projects/merge_requests/index.html.haml
@@ -3,7 +3,7 @@
.pull-right
= render 'shared/issuable/search_form', path: namespace_project_merge_requests_path(@project.namespace, @project)
- - if can? current_user, :write_merge_request, @project
+ - if can? current_user, :create_merge_request, @project
.pull-left.hidden-xs
= link_to new_namespace_project_merge_request_path(@project.namespace, @project), class: "btn btn-new", title: "New Merge Request" do
%i.fa.fa-plus
diff --git a/app/views/projects/merge_requests/show/_mr_box.html.haml b/app/views/projects/merge_requests/show/_mr_box.html.haml
index b3470ba37d6d416226e8ac980e88b937a9227f46..e3cd4346872feb0e119b8cc59e85117d090bb3e7 100644
--- a/app/views/projects/merge_requests/show/_mr_box.html.haml
+++ b/app/views/projects/merge_requests/show/_mr_box.html.haml
@@ -3,7 +3,7 @@
%div
- if @merge_request.description.present?
- .description{class: can?(current_user, :modify_merge_request, @merge_request) ? 'js-task-list-container' : ''}
+ .description{class: can?(current_user, :update_merge_request, @merge_request) ? 'js-task-list-container' : ''}
.wiki
= preserve do
= markdown(@merge_request.description)
diff --git a/app/views/projects/merge_requests/show/_mr_title.html.haml b/app/views/projects/merge_requests/show/_mr_title.html.haml
index 83baf157a92d1116c4ffd2918fe160f505abfa75..4e8144b4de2a86056b65242e978d9923d7f06825 100644
--- a/app/views/projects/merge_requests/show/_mr_title.html.haml
+++ b/app/views/projects/merge_requests/show/_mr_title.html.haml
@@ -7,7 +7,7 @@
created by #{link_to_member(@project, @merge_request.author)} #{time_ago_with_tooltip(@merge_request.created_at)}
.issue-btn-group.pull-right
- - if can?(current_user, :modify_merge_request, @merge_request)
+ - if can?(current_user, :update_merge_request, @merge_request)
- if @merge_request.open?
= link_to 'Close', merge_request_path(@merge_request, merge_request: { state_event: :close }), method: :put, class: "btn btn-grouped btn-close", title: "Close merge request"
= link_to edit_namespace_project_merge_request_path(@project.namespace, @project, @merge_request), class: "btn btn-grouped issuable-edit", id: "edit_merge_request" do
diff --git a/app/views/projects/milestones/show.html.haml b/app/views/projects/milestones/show.html.haml
index 5c85092a045c9403c756d033f9805766b34e9bc2..5947498e379b1ccaac58d3a5a67ff0bd3a29ba48 100644
--- a/app/views/projects/milestones/show.html.haml
+++ b/app/views/projects/milestones/show.html.haml
@@ -62,7 +62,7 @@
%span.badge= @users.count
.pull-right
- - if can?(current_user, :write_issue, @project)
+ - if can?(current_user, :create_issue, @project)
= link_to new_namespace_project_issue_path(@project.namespace, @project, issue: { milestone_id: @milestone.id }), class: "btn btn-grouped", title: "New Issue" do
%i.fa.fa-plus
New Issue
diff --git a/app/views/projects/notes/_notes_with_form.html.haml b/app/views/projects/notes/_notes_with_form.html.haml
index a202e74a89276b62904fd8750620d900e5d2d218..04222b8f7c47e10d7e2d3922c3235a6fd6c2bde9 100644
--- a/app/views/projects/notes/_notes_with_form.html.haml
+++ b/app/views/projects/notes/_notes_with_form.html.haml
@@ -3,7 +3,7 @@
.js-notes-busy
.js-main-target-form
-- if can? current_user, :write_note, @project
+- if can? current_user, :create_note, @project
= render "projects/notes/form", view: params[:view]
:javascript
diff --git a/app/views/projects/snippets/index.html.haml b/app/views/projects/snippets/index.html.haml
index da9401bd8c1625a3308629ddd4afbd9251dcf3fd..30081673ffc76b4c2850a98b8358cf327b4bfa4c 100644
--- a/app/views/projects/snippets/index.html.haml
+++ b/app/views/projects/snippets/index.html.haml
@@ -1,7 +1,7 @@
- page_title "Snippets"
%h3.page-title
Snippets
- - if can? current_user, :write_project_snippet, @project
+ - if can? current_user, :create_project_snippet, @project
= link_to new_namespace_project_snippet_path(@project.namespace, @project), class: "btn btn-new pull-right", title: "New Snippet" do
Add new snippet
diff --git a/app/views/projects/snippets/show.html.haml b/app/views/projects/snippets/show.html.haml
index 5725d804df3f7a18b57d10bb176c1a6904ed7b37..8cbb813c75899bbbbd343018c8b250d74720e42e 100644
--- a/app/views/projects/snippets/show.html.haml
+++ b/app/views/projects/snippets/show.html.haml
@@ -28,7 +28,7 @@
= @snippet.file_name
.file-actions
.btn-group
- - if can?(current_user, :modify_project_snippet, @snippet)
+ - if can?(current_user, :update_project_snippet, @snippet)
= link_to "edit", edit_namespace_project_snippet_path(@project.namespace, @project, @snippet), class: "btn btn-sm", title: 'Edit Snippet'
= link_to "raw", raw_namespace_project_snippet_path(@project.namespace, @project, @snippet), class: "btn btn-sm", target: "_blank"
- if can?(current_user, :admin_project_snippet, @snippet)
diff --git a/app/views/projects/wikis/_main_links.html.haml b/app/views/projects/wikis/_main_links.html.haml
index 633214a4e869f9d091a47b2968298b5bfa046c4c..788bb8cf1e2abfefbf5a0283d56557f5298c65b5 100644
--- a/app/views/projects/wikis/_main_links.html.haml
+++ b/app/views/projects/wikis/_main_links.html.haml
@@ -2,7 +2,7 @@
- if (@page && @page.persisted?)
= link_to history_namespace_project_wiki_path(@project.namespace, @project, @page), class: "btn btn-grouped" do
Page History
- - if can?(current_user, :write_wiki, @project)
+ - if can?(current_user, :create_wiki, @project)
= link_to edit_namespace_project_wiki_path(@project.namespace, @project, @page), class: "btn btn-grouped" do
%i.fa.fa-pencil-square-o
Edit
diff --git a/app/views/projects/wikis/_nav.html.haml b/app/views/projects/wikis/_nav.html.haml
index 693c3facb3286c1f8e9805d2e37fcfe578ee6448..804a1b52dbe3303778364d33e14871d82b348609 100644
--- a/app/views/projects/wikis/_nav.html.haml
+++ b/app/views/projects/wikis/_nav.html.haml
@@ -10,7 +10,7 @@
%i.fa.fa-download
Git Access
- - if can?(current_user, :write_wiki, @project)
+ - if can?(current_user, :create_wiki, @project)
.pull-right
= link_to '#modal-new-wiki', class: "add-new-wiki btn btn-new", "data-toggle" => "modal" do
%i.fa.fa-plus
diff --git a/app/views/snippets/show.html.haml b/app/views/snippets/show.html.haml
index 70a95abde6f2be3dfd9a6f068a85949637ef61d1..089e81229188688a0a5c0815c474b970a178a2a5 100644
--- a/app/views/snippets/show.html.haml
+++ b/app/views/snippets/show.html.haml
@@ -36,7 +36,7 @@
= @snippet.file_name
.file-actions
.btn-group
- - if can?(current_user, :modify_personal_snippet, @snippet)
+ - if can?(current_user, :update_personal_snippet, @snippet)
= link_to "edit", edit_snippet_path(@snippet), class: "btn btn-sm", title: 'Edit Snippet'
= link_to "raw", raw_snippet_path(@snippet), class: "btn btn-sm", target: "_blank"
- if can?(current_user, :admin_personal_snippet, @snippet)
diff --git a/lib/api/issues.rb b/lib/api/issues.rb
index 4d632ce77c10b60ec4bedaa0f4b52069824f8a9d..6e7a767207027416154c66154b0ec7b7a942b148 100644
--- a/lib/api/issues.rb
+++ b/lib/api/issues.rb
@@ -144,7 +144,7 @@ module API
# PUT /projects/:id/issues/:issue_id
put ":id/issues/:issue_id" do
issue = user_project.issues.find(params[:issue_id])
- authorize! :modify_issue, issue
+ authorize! :update_issue, issue
attrs = attributes_for_keys [:title, :description, :assignee_id, :milestone_id, :state_event]
# Validate label names in advance
diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb
index d835dce2deda516937a8aa646361b2faa5606ac4..aa43e1dffd9ffa7e06941b673748c03fa1bd03b4 100644
--- a/lib/api/merge_requests.rb
+++ b/lib/api/merge_requests.rb
@@ -109,7 +109,7 @@ module API
# POST /projects/:id/merge_requests
#
post ":id/merge_requests" do
- authorize! :write_merge_request, user_project
+ authorize! :create_merge_request, user_project
required_attributes! [:source_branch, :target_branch, :title]
attrs = attributes_for_keys [:source_branch, :target_branch, :assignee_id, :title, :target_project_id, :description]
@@ -149,7 +149,7 @@ module API
put ":id/merge_request/:merge_request_id" do
attrs = attributes_for_keys [:target_branch, :assignee_id, :title, :state_event, :description]
merge_request = user_project.merge_requests.find(params[:merge_request_id])
- authorize! :modify_merge_request, merge_request
+ authorize! :update_merge_request, merge_request
# Ensure source_branch is not specified
if params[:source_branch].present?
diff --git a/lib/api/project_snippets.rb b/lib/api/project_snippets.rb
index 54f2555903f0e3ed11f81f8a09e517ae296a7cf6..22ce3c6a0668ebfa228a0558575c657077704b91 100644
--- a/lib/api/project_snippets.rb
+++ b/lib/api/project_snippets.rb
@@ -46,7 +46,7 @@ module API
# Example Request:
# POST /projects/:id/snippets
post ":id/snippets" do
- authorize! :write_project_snippet, user_project
+ authorize! :create_project_snippet, user_project
required_attributes! [:title, :file_name, :code, :visibility_level]
attrs = attributes_for_keys [:title, :file_name, :visibility_level]
@@ -74,7 +74,7 @@ module API
# PUT /projects/:id/snippets/:snippet_id
put ":id/snippets/:snippet_id" do
@snippet = user_project.snippets.find(params[:snippet_id])
- authorize! :modify_project_snippet, @snippet
+ authorize! :update_project_snippet, @snippet
attrs = attributes_for_keys [:title, :file_name, :visibility_level]
attrs[:content] = params[:code] if params[:code].present?
@@ -98,7 +98,7 @@ module API
delete ":id/snippets/:snippet_id" do
begin
@snippet = user_project.snippets.find(params[:snippet_id])
- authorize! :modify_project_snippet, @snippet
+ authorize! :update_project_snippet, @snippet
@snippet.destroy
rescue
not_found!('Snippet')
diff --git a/lib/gitlab/git_access_wiki.rb b/lib/gitlab/git_access_wiki.rb
index 8ba97184e69fdf8dfc1db8581629a358d6372d3e..8672cbc0ec44ad4a276557dfec60faa24836c5ce 100644
--- a/lib/gitlab/git_access_wiki.rb
+++ b/lib/gitlab/git_access_wiki.rb
@@ -1,7 +1,7 @@
module Gitlab
class GitAccessWiki < GitAccess
def change_access_check(change)
- if user.can?(:write_wiki, project)
+ if user.can?(:create_wiki, project)
build_status_object(true)
else
build_status_object(false, "You are not allowed to write to this project's wiki.")
diff --git a/spec/models/members/project_member_spec.rb b/spec/models/members/project_member_spec.rb
index 5c72cfe1d6a0bcfa6efc317d522708b8cf009f20..ee912bf12a2017e72cf154043ad2c7ec5cff99d1 100644
--- a/spec/models/members/project_member_spec.rb
+++ b/spec/models/members/project_member_spec.rb
@@ -43,7 +43,7 @@ describe ProjectMember do
it { expect(@project_2.users).to include(@user_1) }
it { expect(@project_2.users).to include(@user_2) }
- it { expect(@abilities.allowed?(@user_1, :write_project, @project_2)).to be_truthy }
+ it { expect(@abilities.allowed?(@user_1, :create_project, @project_2)).to be_truthy }
it { expect(@abilities.allowed?(@user_2, :read_project, @project_2)).to be_truthy }
end
diff --git a/spec/models/note_spec.rb b/spec/models/note_spec.rb
index 9037992bb08956340e3b7c922a76351b7c6af5c8..eba33dd510f68554c201575e0db39bcb6e8b9602 100644
--- a/spec/models/note_spec.rb
+++ b/spec/models/note_spec.rb
@@ -172,9 +172,9 @@ describe Note do
@p2.project_members.create(user: @u3, access_level: ProjectMember::DEVELOPER)
end
- it { expect(@abilities.allowed?(@u1, :write_note, @p1)).to be_falsey }
- it { expect(@abilities.allowed?(@u2, :write_note, @p1)).to be_truthy }
- it { expect(@abilities.allowed?(@u3, :write_note, @p1)).to be_falsey }
+ it { expect(@abilities.allowed?(@u1, :create_note, @p1)).to be_falsey }
+ it { expect(@abilities.allowed?(@u2, :create_note, @p1)).to be_truthy }
+ it { expect(@abilities.allowed?(@u3, :create_note, @p1)).to be_falsey }
end
describe 'admin' do