• Alejandro Rodríguez's avatar
    Return max group access level in the projects API · ab94a5a5
    Alejandro Rodríguez authored
    Currently if a project is inside a nested group and a user doesn't have
    specific permissions for that group but does have permissions on a
    parent group the `GET /projects/:id` API call will return the following
    permissions:
    
    ```json
    permissions: { project_access: null, group_access: null }
    ```
    
    It could also happen that the group specific permissions are of lower
    level than the ones the user has in parent groups. This patch makes it
    so that the permission returned for `group_access` is the highest from
    amongst the hierarchy, which is (ostensibly) the information that the
    API user is interested in for that field.
    ab94a5a5
entities.rb 48.7 KB