Commit 871723da authored by Stan Hu's avatar Stan Hu

Incorporate review comments

parent d1ea2bca
......@@ -71,7 +71,7 @@ class Projects::IssuesController < Projects::ApplicationController
@note = @project.notes.new(noteable: @issue)
@noteable = @issue
preload_max_access_for_authors(@notes, @project) if @notes
preload_max_access_for_authors(@notes, @project)
respond_to do |format|
format.html
......
......@@ -387,7 +387,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
@ref
)
preload_max_access_for_authors(@notes, @project) if @notes
preload_max_access_for_authors(@notes, @project)
end
def define_widget_vars
......
......@@ -389,10 +389,8 @@ class Ability
end
def can_edit_note?(user, note)
return false unless note.editable?
return false unless user.present?
return true if note.author == user
return true if user.admin?
return false if !note.editable? || !user.present?
return true if note.author == user || user.admin?
if note.project
max_access_level = note.project.team.max_member_access(user.id)
......
......@@ -53,6 +53,10 @@ class Member < ActiveRecord::Base
default_value_for :notification_level, NotificationSetting.levels[:global]
class << self
def access_for_user_ids(user_ids)
where(user_id: user_ids).has_access.pluck(:user_id, :access_level).to_h
end
def find_by_invite_token(invite_token)
invite_token = Devise.token_generator.digest(self, :invite_token, invite_token)
find_by(invite_token: invite_token)
......
......@@ -138,20 +138,20 @@ class ProjectTeam
def max_member_access_for_user_ids(user_ids)
user_ids = user_ids.uniq
key = "max_member_access:#{project.id}"
RequestStore.store[key] ||= Hash.new
RequestStore.store[key] ||= {}
access = RequestStore.store[key]
# Lookup only the IDs we need
user_ids = user_ids - access.keys
if user_ids.present?
user_ids.map { |id| access[id] = Gitlab::Access::NO_ACCESS }
user_ids.each { |id| access[id] = Gitlab::Access::NO_ACCESS }
member_access = project.members.where(user_id: user_ids).has_access.pluck(:user_id, :access_level).to_h
member_access = project.members.access_for_user_ids(user_ids)
merge_max!(access, member_access)
if group
group_access = group.members.where(user_id: user_ids).has_access.pluck(:user_id, :access_level).to_h
group_access = group.members.access_for_user_ids(user_ids)
merge_max!(access, group_access)
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment