Commit 2e0e2b22 authored by Timothy Andrew's avatar Timothy Andrew

Backport changes from gitlab-org/gitlab-ee!998

Some changes in EE for the auditor user feature need
to be backported to CE to avoid merge conflicts. This
commit encapsulates all these backports.
parent 4d11903d
...@@ -214,25 +214,7 @@ class ProjectPolicy < BasePolicy ...@@ -214,25 +214,7 @@ class ProjectPolicy < BasePolicy
def anonymous_rules def anonymous_rules
return unless project.public? return unless project.public?
can! :read_project base_readonly_access!
can! :read_board
can! :read_list
can! :read_wiki
can! :read_label
can! :read_milestone
can! :read_project_snippet
can! :read_project_member
can! :read_merge_request
can! :read_note
can! :read_pipeline
can! :read_commit_status
can! :read_container_image
can! :download_code
can! :download_wiki_code
can! :read_cycle_analytics
# NOTE: may be overridden by IssuePolicy
can! :read_issue
# Allow to read builds by anonymous user if guests are allowed # Allow to read builds by anonymous user if guests are allowed
can! :read_build if project.public_builds? can! :read_build if project.public_builds?
...@@ -265,4 +247,31 @@ class ProjectPolicy < BasePolicy ...@@ -265,4 +247,31 @@ class ProjectPolicy < BasePolicy
:"admin_#{name}" :"admin_#{name}"
] ]
end end
private
# A base set of abilities for read-only users, which
# is then augmented as necessary for anonymous and other
# read-only users.
def base_readonly_access!
can! :read_project
can! :read_board
can! :read_list
can! :read_wiki
can! :read_label
can! :read_milestone
can! :read_project_snippet
can! :read_project_member
can! :read_merge_request
can! :read_note
can! :read_pipeline
can! :read_commit_status
can! :read_container_image
can! :download_code
can! :download_wiki_code
can! :read_cycle_analytics
# NOTE: may be overridden by IssuePolicy
can! :read_issue
end
end end
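Review bot: The comment on `base_readonly_access!` does not say that `anonymous_rules` calls it for unauthenticated visitors of public projects, so every ability later added to this list is granted without a login. The list already carries more than metadata reads (`:download_code`, `:download_wiki_code`, `:read_container_image`), which makes that worth stating where the list lives. I would extend the comment with something like `# Called from anonymous_rules: anything added here is available to unauthenticated users on public projects; put role-specific abilities in the caller instead.` `anonymous_rules` continues past the end of the first hunk, so any further abilities it grants are not visible here.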
...@@ -3,7 +3,7 @@ class ProjectSnippetPolicy < BasePolicy ...@@ -3,7 +3,7 @@ class ProjectSnippetPolicy < BasePolicy
can! :read_project_snippet if @subject.public? can! :read_project_snippet if @subject.public?
return unless @user return unless @user
if @user && @subject.author == @user || @user.admin? if @user && (@subject.author == @user || @user.admin?)
can! :read_project_snippet can! :read_project_snippet
can! :update_project_snippet can! :update_project_snippet
can! :admin_project_snippet can! :admin_project_snippet
......
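Review bot: With `return unless @user` on the line directly above, the `@user &&` in the rewritten condition can never be false, so the guard is dead code even though the added parentheses make the precedence explicit. Writing it as `if @subject.author == @user || @user.admin?` states the actual rule (author or admin) and keeps the nil check in one place. The method starts before this hunk and its end is not shown.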
...@@ -13,7 +13,7 @@ ...@@ -13,7 +13,7 @@
= image_tag avatar_icon(current_user), alt: current_user.to_reference, class: 'avatar s40' = image_tag avatar_icon(current_user), alt: current_user.to_reference, class: 'avatar s40'
.timeline-content.timeline-content-form .timeline-content.timeline-content-form
= render "projects/notes/form", view: diff_view = render "projects/notes/form", view: diff_view
- else - elsif !current_user
.disabled-comment.text-center .disabled-comment.text-center
.disabled-comment-text.inline .disabled-comment-text.inline
Please Please
......
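Review bot: Changing `- else` to `- elsif !current_user` leaves a third case with no branch: a signed-in user who fails the `if` condition (which is above this hunk) now sees neither the form nor any message. If that is the intent for read-only accounts such as the auditor user mentioned in the description, a one-line comment would make it clear, e.g. `-# signed-in users who may not comment get no form and no sign-in prompt`. The template change only hides the form; it presumably relies on the notes endpoint enforcing the same permission, which is not visible in this commit.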