Commit 15743123 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'master' of gitlab.com:gitlab-org/gitlab-ce

parents 36ecc6d3 87df927f
...@@ -25,6 +25,7 @@ v 7.13.0 (unreleased) ...@@ -25,6 +25,7 @@ v 7.13.0 (unreleased)
- Explicit error when commit not found in the CI - Explicit error when commit not found in the CI
- Improve performance for issue and merge request pages - Improve performance for issue and merge request pages
- Users with guest access level can not set assignee, labels or milestones for issue and merge request - Users with guest access level can not set assignee, labels or milestones for issue and merge request
- Reporter role can manage issue tracker now: edit any issue, set assignee or milestone and manage labels
v 7.12.0 v 7.12.0
- Fix Error 500 when one user attempts to access a personal, internal snippet (Stan Hu) - Fix Error 500 when one user attempts to access a personal, internal snippet (Stan Hu)
......
...@@ -9,7 +9,7 @@ gem "default_value_for", "~> 3.0.0" ...@@ -9,7 +9,7 @@ gem "default_value_for", "~> 3.0.0"
gem "mysql2", group: :mysql gem "mysql2", group: :mysql
gem "pg", group: :postgres gem "pg", group: :postgres
# Auth # Authentication libraries
gem "devise", '3.2.4' gem "devise", '3.2.4'
gem "devise-async", '0.9.0' gem "devise-async", '0.9.0'
gem 'omniauth', "~> 1.2.2" gem 'omniauth', "~> 1.2.2"
......
...@@ -155,7 +155,10 @@ class Ability ...@@ -155,7 +155,10 @@ class Ability
project_guest_rules + [ project_guest_rules + [
:download_code, :download_code,
:fork_project, :fork_project,
:create_project_snippet :create_project_snippet,
:update_issue,
:admin_issue,
:admin_label,
] ]
end end
...@@ -163,9 +166,6 @@ class Ability ...@@ -163,9 +166,6 @@ class Ability
project_report_rules + [ project_report_rules + [
:create_merge_request, :create_merge_request,
:create_wiki, :create_wiki,
:update_issue,
:admin_issue,
:admin_label,
:push_code :push_code
] ]
end end
......
...@@ -15,6 +15,8 @@ If a user is a GitLab administrator they receive all permissions. ...@@ -15,6 +15,8 @@ If a user is a GitLab administrator they receive all permissions.
| Pull project code | | ✓ | ✓ | ✓ | ✓ | | Pull project code | | ✓ | ✓ | ✓ | ✓ |
| Download project | | ✓ | ✓ | ✓ | ✓ | | Download project | | ✓ | ✓ | ✓ | ✓ |
| Create code snippets | | ✓ | ✓ | ✓ | ✓ | | Create code snippets | | ✓ | ✓ | ✓ | ✓ |
| Manage issue tracker | | ✓ | ✓ | ✓ | ✓ |
| Manage labels | | ✓ | ✓ | ✓ | ✓ |
| Create new merge request | | | ✓ | ✓ | ✓ | | Create new merge request | | | ✓ | ✓ | ✓ |
| Create new branches | | | ✓ | ✓ | ✓ | | Create new branches | | | ✓ | ✓ | ✓ |
| Push to non-protected branches | | | ✓ | ✓ | ✓ | | Push to non-protected branches | | | ✓ | ✓ | ✓ |
...@@ -22,8 +24,6 @@ If a user is a GitLab administrator they receive all permissions. ...@@ -22,8 +24,6 @@ If a user is a GitLab administrator they receive all permissions.
| Remove non-protected branches | | | ✓ | ✓ | ✓ | | Remove non-protected branches | | | ✓ | ✓ | ✓ |
| Add tags | | | ✓ | ✓ | ✓ | | Add tags | | | ✓ | ✓ | ✓ |
| Write a wiki | | | ✓ | ✓ | ✓ | | Write a wiki | | | ✓ | ✓ | ✓ |
| Manage issue tracker | | | ✓ | ✓ | ✓ |
| Manage labels | | | ✓ | ✓ | ✓ |
| Create new milestones | | | | ✓ | ✓ | | Create new milestones | | | | ✓ | ✓ |
| Add new team members | | | | ✓ | ✓ | | Add new team members | | | | ✓ | ✓ |
| Push to protected branches | | | | ✓ | ✓ | | Push to protected branches | | | | ✓ | ✓ |
......
...@@ -138,6 +138,18 @@ describe "Internal Project Access", feature: true do ...@@ -138,6 +138,18 @@ describe "Internal Project Access", feature: true do
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for :visitor }
end end
describe "GET /:project_path/issues/:id/edit" do
let(:issue) { create(:issue, project: project) }
subject { edit_namespace_project_issue_path(project.namespace, project, issue) }
it { is_expected.to be_allowed_for master }
it { is_expected.to be_allowed_for reporter }
it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_denied_for guest }
it { is_expected.to be_denied_for :user }
it { is_expected.to be_denied_for :visitor }
end
describe "GET /:project_path/snippets" do describe "GET /:project_path/snippets" do
subject { namespace_project_snippets_path(project.namespace, project) } subject { namespace_project_snippets_path(project.namespace, project) }
......
...@@ -138,6 +138,18 @@ describe "Private Project Access", feature: true do ...@@ -138,6 +138,18 @@ describe "Private Project Access", feature: true do
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for :visitor }
end end
describe "GET /:project_path/issues/:id/edit" do
let(:issue) { create(:issue, project: project) }
subject { edit_namespace_project_issue_path(project.namespace, project, issue) }
it { is_expected.to be_allowed_for master }
it { is_expected.to be_allowed_for reporter }
it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_denied_for guest }
it { is_expected.to be_denied_for :user }
it { is_expected.to be_denied_for :visitor }
end
describe "GET /:project_path/snippets" do describe "GET /:project_path/snippets" do
subject { namespace_project_snippets_path(project.namespace, project) } subject { namespace_project_snippets_path(project.namespace, project) }
......
...@@ -143,6 +143,18 @@ describe "Public Project Access", feature: true do ...@@ -143,6 +143,18 @@ describe "Public Project Access", feature: true do
it { is_expected.to be_allowed_for :visitor } it { is_expected.to be_allowed_for :visitor }
end end
describe "GET /:project_path/issues/:id/edit" do
let(:issue) { create(:issue, project: project) }
subject { edit_namespace_project_issue_path(project.namespace, project, issue) }
it { is_expected.to be_allowed_for master }
it { is_expected.to be_allowed_for reporter }
it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_denied_for guest }
it { is_expected.to be_denied_for :user }
it { is_expected.to be_denied_for :visitor }
end
describe "GET /:project_path/snippets" do describe "GET /:project_path/snippets" do
subject { namespace_project_snippets_path(project.namespace, project) } subject { namespace_project_snippets_path(project.namespace, project) }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment