Commit 525ea066 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Move permission to create subgroup into GroupPolicy

Signed-off-by: default avatarDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
parent c6701fef
...@@ -570,10 +570,6 @@ class User < ActiveRecord::Base ...@@ -570,10 +570,6 @@ class User < ActiveRecord::Base
can?(:create_group) can?(:create_group)
end end
def can_create_subgroup?(group)
can?(:create_group) && can?(:admin_group, group)
end
def can_select_namespace? def can_select_namespace?
several_namespaces? || admin several_namespaces? || admin
end end
......
...@@ -28,6 +28,7 @@ class GroupPolicy < BasePolicy ...@@ -28,6 +28,7 @@ class GroupPolicy < BasePolicy
can! :admin_namespace can! :admin_namespace
can! :admin_group_member can! :admin_group_member
can! :change_visibility_level can! :change_visibility_level
can! :create_subgroup if @user.can_create_group
end end
if globally_viewable && @subject.request_access_enabled && !member if globally_viewable && @subject.request_access_enabled && !member
......
...@@ -9,7 +9,7 @@ ...@@ -9,7 +9,7 @@
.nav-controls .nav-controls
= form_tag request.path, method: :get do |f| = form_tag request.path, method: :get do |f|
= search_field_tag :filter_groups, params[:filter_groups], placeholder: 'Filter by name', class: 'form-control', spellcheck: false = search_field_tag :filter_groups, params[:filter_groups], placeholder: 'Filter by name', class: 'form-control', spellcheck: false
- if current_user.can_create_subgroup? @group - if can?(current_user, :create_subgroup, @group)
= link_to new_group_path(parent_id: @group.id), class: 'btn btn-new pull-right' do = link_to new_group_path(parent_id: @group.id), class: 'btn btn-new pull-right' do
New Subgroup New Subgroup
......
---
title: Hide new subgroup button if user has no permission to create one
merge_request:
author:
...@@ -464,28 +464,6 @@ describe User, models: true do ...@@ -464,28 +464,6 @@ describe User, models: true do
it { expect(@user2.several_namespaces?).to be_truthy } it { expect(@user2.several_namespaces?).to be_truthy }
end end
describe 'subgroups' do
let(:group) { create :group }
it 'allows if owner' do
user = create :user
group.add_user(user, GroupMember::OWNER)
expect(user.can_create_subgroup?(group)).to be_truthy
end
it 'disallows if missing right' do
user = create(:user, can_create_group: false)
group.add_user(user, GroupMember::MASTER)
expect(user.can_create_subgroup?(group)).to be_falsey
end
it 'disallows if developer' do
user = create :user
group.add_user(user, GroupMember::DEVELOPER)
expect(user.can_create_subgroup?(group)).to be_falsey
end
end
describe 'namespaced' do describe 'namespaced' do
before do before do
@user = create :user @user = create :user
......
...@@ -22,7 +22,8 @@ describe GroupPolicy, models: true do ...@@ -22,7 +22,8 @@ describe GroupPolicy, models: true do
:admin_group, :admin_group,
:admin_namespace, :admin_namespace,
:admin_group_member, :admin_group_member,
:change_visibility_level :change_visibility_level,
:create_subgroup
] ]
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment