Commit 0b91ff28 authored by Felipe Artur's avatar Felipe Artur

Projects members tab should follow visibility levels

parent 62f6601c
...@@ -154,17 +154,9 @@ class Ability ...@@ -154,17 +154,9 @@ class Ability
end end
end end
def project_member_rules(team, user)
all_members_rules = []
#Rules only for members which does not include public behavior
all_members_rules << :read_members_list if team.members.include?(user)
all_members_rules
end
def project_team_rules(team, user) def project_team_rules(team, user)
# Rules based on role in project # Rules based on role in project
filtered_rules = if team.master?(user) if team.master?(user)
project_master_rules project_master_rules
elsif team.developer?(user) elsif team.developer?(user)
project_dev_rules project_dev_rules
...@@ -173,8 +165,6 @@ class Ability ...@@ -173,8 +165,6 @@ class Ability
elsif team.guest?(user) elsif team.guest?(user)
project_guest_rules project_guest_rules
end end
Array(filtered_rules) + project_member_rules(team, user)
end end
def public_project_rules def public_project_rules
...@@ -199,7 +189,8 @@ class Ability ...@@ -199,7 +189,8 @@ class Ability
:create_project, :create_project,
:create_issue, :create_issue,
:create_note, :create_note,
:upload_file :upload_file,
:read_members_list
] ]
end end
......
...@@ -48,7 +48,7 @@ describe Projects::ProjectMembersController do ...@@ -48,7 +48,7 @@ describe Projects::ProjectMembersController do
end end
describe 'index' do describe 'index' do
let(:project) { create(:project, :internal) } let(:project) { create(:project, :private) }
context 'when user is member' do context 'when user is member' do
let(:member) { create(:user) } let(:member) { create(:user) }
...@@ -59,18 +59,7 @@ describe Projects::ProjectMembersController do ...@@ -59,18 +59,7 @@ describe Projects::ProjectMembersController do
get :index, namespace_id: project.namespace.to_param, project_id: project.to_param get :index, namespace_id: project.namespace.to_param, project_id: project.to_param
end end
it { expect(response.status).to eq(200) } it { expect(response.status).to eq(200) }
end
context 'when user is not member' do
let(:not_member) { create(:user) }
before do
sign_in(not_member)
get :index, namespace_id: project.namespace.to_param, project_id: project.to_param
end
it { expect(response.status).to eq(403) }
end end
end end
end end
...@@ -101,12 +101,12 @@ describe "Internal Project Access", feature: true do ...@@ -101,12 +101,12 @@ describe "Internal Project Access", feature: true do
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for owner }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for master }
it { is_expected.to be_denied_for developer } it { is_expected.to be_allowed_for developer }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_allowed_for reporter }
it { is_expected.to be_denied_for guest } it { is_expected.to be_allowed_for guest }
it { is_expected.to be_denied_for :user } it { is_expected.to be_allowed_for :user }
it { is_expected.to be_denied_for :external }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for :visitor }
it { is_expected.to be_denied_for :external }
end end
describe "GET /:project_path/blob" do describe "GET /:project_path/blob" do
......
...@@ -101,9 +101,9 @@ describe "Private Project Access", feature: true do ...@@ -101,9 +101,9 @@ describe "Private Project Access", feature: true do
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for owner }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for master }
it { is_expected.to be_denied_for developer } it { is_expected.to be_allowed_for developer }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_allowed_for reporter }
it { is_expected.to be_denied_for guest } it { is_expected.to be_allowed_for guest }
it { is_expected.to be_denied_for :user } it { is_expected.to be_denied_for :user }
it { is_expected.to be_denied_for :external } it { is_expected.to be_denied_for :external }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_denied_for :visitor }
......
...@@ -101,12 +101,12 @@ describe "Public Project Access", feature: true do ...@@ -101,12 +101,12 @@ describe "Public Project Access", feature: true do
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_allowed_for owner } it { is_expected.to be_allowed_for owner }
it { is_expected.to be_allowed_for master } it { is_expected.to be_allowed_for master }
it { is_expected.to be_denied_for developer } it { is_expected.to be_allowed_for developer }
it { is_expected.to be_denied_for reporter } it { is_expected.to be_allowed_for reporter }
it { is_expected.to be_denied_for guest } it { is_expected.to be_allowed_for guest }
it { is_expected.to be_denied_for :user } it { is_expected.to be_allowed_for :user }
it { is_expected.to be_denied_for :external } it { is_expected.to be_allowed_for :visitor }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_allowed_for :external }
end end
describe "GET /:project_path/builds" do describe "GET /:project_path/builds" do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment