Commit 951e3459 authored by Rémy Coutable's avatar Rémy Coutable

Use the `can?` helper instead of `current_user.can?`

Fixes #15513.
Signed-off-by: default avatarRémy Coutable <remy@rymai.me>
parent d5398e96
...@@ -2,7 +2,10 @@ Please view this file on the master branch, on stable branches it's out of date. ...@@ -2,7 +2,10 @@ Please view this file on the master branch, on stable branches it's out of date.
v 8.8.0 (unreleased) v 8.8.0 (unreleased)
v 8.7.0 (unreleased) v 8.7.1 (unreleased)
- Use the `can?` helper instead of `current_user.can?`
v 8.7.0
- Gitlab::GitAccess and Gitlab::GitAccessWiki are now instrumented - Gitlab::GitAccess and Gitlab::GitAccessWiki are now instrumented
- Fix vulnerability that made it possible to gain access to private labels and milestones - Fix vulnerability that made it possible to gain access to private labels and milestones
- The number of InfluxDB points stored per UDP packet can now be configured - The number of InfluxDB points stored per UDP packet can now be configured
......
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
group, members with group, members with
%strong #{group_links.human_access} %strong #{group_links.human_access}
role (#{shared_group_users_count}) role (#{shared_group_users_count})
- if current_user.can?(:admin_group, shared_group) - if can?(current_user, :admin_group, shared_group)
.panel-head-actions .panel-head-actions
= link_to group_group_members_path(shared_group), class: 'btn btn-sm' do = link_to group_group_members_path(shared_group), class: 'btn btn-sm' do
%i.fa.fa-pencil-square-o %i.fa.fa-pencil-square-o
......
require 'spec_helper'
feature 'Projects > Members > Anonymous user sees members', feature: true do
let(:user) { create(:user) }
let(:group) { create(:group, :public) }
let(:project) { create(:empty_project, :public) }
background do
project.team << [user, :master]
create(:project_group_link, project: project, group: group)
end
scenario "anonymous user visits the project's members page and sees the list of members" do
visit namespace_project_project_members_path(project.namespace, project)
expect(current_path).to eq(
namespace_project_project_members_path(project.namespace, project))
expect(page).to have_content(user.name)
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment