Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
gitlab-ce
Commits
00e4a479
Commit
00e4a479
authored
Jan 25, 2013
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
allow/deny user to create group/team
parent
585a53c4
Changes
4
Hide whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
32 additions
and
10 deletions
+32
-10
app/controllers/groups_controller.rb
app/controllers/groups_controller.rb
+5
-0
app/models/ability.rb
app/models/ability.rb
+18
-9
app/models/user.rb
app/models/user.rb
+1
-1
app/views/admin/users/_form.html.haml
app/views/admin/users/_form.html.haml
+8
-0
No files found.
app/controllers/groups_controller.rb
View file @
00e4a479
...
@@ -6,6 +6,7 @@ class GroupsController < ApplicationController
...
@@ -6,6 +6,7 @@ class GroupsController < ApplicationController
# Authorize
# Authorize
before_filter
:authorize_read_group!
,
except:
[
:new
,
:create
]
before_filter
:authorize_read_group!
,
except:
[
:new
,
:create
]
before_filter
:authorize_create_group!
,
only:
[
:new
,
:create
]
# Load group projects
# Load group projects
before_filter
:projects
,
except:
[
:new
,
:create
]
before_filter
:projects
,
except:
[
:new
,
:create
]
...
@@ -103,4 +104,8 @@ class GroupsController < ApplicationController
...
@@ -103,4 +104,8 @@ class GroupsController < ApplicationController
return
render_404
return
render_404
end
end
end
end
def
authorize_create_group!
can?
(
current_user
,
:create_group
,
nil
)
end
end
end
app/models/ability.rb
View file @
00e4a479
class
Ability
class
Ability
class
<<
self
class
<<
self
def
allowed
(
object
,
subject
)
def
allowed
(
user
,
subject
)
return
[]
unless
user
.
kind_of?
(
User
)
case
subject
.
class
.
name
case
subject
.
class
.
name
when
"Project"
then
project_abilities
(
object
,
subject
)
when
"Project"
then
project_abilities
(
user
,
subject
)
when
"Issue"
then
issue_abilities
(
object
,
subject
)
when
"Issue"
then
issue_abilities
(
user
,
subject
)
when
"Note"
then
note_abilities
(
object
,
subject
)
when
"Note"
then
note_abilities
(
user
,
subject
)
when
"Snippet"
then
snippet_abilities
(
object
,
subject
)
when
"Snippet"
then
snippet_abilities
(
user
,
subject
)
when
"MergeRequest"
then
merge_request_abilities
(
object
,
subject
)
when
"MergeRequest"
then
merge_request_abilities
(
user
,
subject
)
when
"Group"
,
"Namespace"
then
group_abilities
(
object
,
subject
)
when
"Group"
,
"Namespace"
then
group_abilities
(
user
,
subject
)
when
"UserTeam"
then
user_team_abilities
(
object
,
subject
)
when
"UserTeam"
then
user_team_abilities
(
user
,
subject
)
else
[]
else
[]
end
end
.
concat
(
global_abilities
(
user
))
end
def
global_abilities
(
user
)
rules
=
[]
rules
<<
:create_group
if
user
.
can_create_group
rules
<<
:create_team
if
user
.
can_create_team
rules
end
end
def
project_abilities
(
user
,
project
)
def
project_abilities
(
user
,
project
)
...
...
app/models/user.rb
View file @
00e4a479
...
@@ -232,7 +232,7 @@ class User < ActiveRecord::Base
...
@@ -232,7 +232,7 @@ class User < ActiveRecord::Base
end
end
def
can_create_group?
def
can_create_group?
can
_create_project?
can
?
(
:create_group
,
nil
)
end
end
def
abilities
def
abilities
...
...
app/views/admin/users/_form.html.haml
View file @
00e4a479
...
@@ -46,6 +46,14 @@
...
@@ -46,6 +46,14 @@
=
f
.
label
:projects_limit
=
f
.
label
:projects_limit
.input
=
f
.
number_field
:projects_limit
.input
=
f
.
number_field
:projects_limit
.clearfix
=
f
.
label
:can_create_group
.input
=
f
.
check_box
:can_create_group
.clearfix
=
f
.
label
:can_create_team
.input
=
f
.
check_box
:can_create_team
.clearfix
.clearfix
=
f
.
label
:admin
do
=
f
.
label
:admin
do
%strong
.cred
Administrator
%strong
.cred
Administrator
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment