Commit bdd7600d authored by Douwe Maan's avatar Douwe Maan Committed by Bob Van Landuyt

Add ability checks in views where they were previously missing

parent 8272ec9a
......@@ -317,10 +317,10 @@ Please check your network connection and try again.`;
<note-signed-out-widget v-if="!isLoggedIn" />
<discussion-locked-widget
issuable-type="issue"
v-else-if="!canCreateNote"
v-else-if="isLocked(getNoteableData) && !canCreateNote"
/>
<ul
v-else
v-else-if="canCreateNote"
class="notes notes-form timeline">
<li class="timeline-entry">
<div class="timeline-entry-inner">
......
......@@ -7,5 +7,6 @@
- link_to_help_page = link_to(_('Learn more about Kubernetes'), help_page_path('user/project/clusters/index'), target: '_blank', rel: 'noopener noreferrer')
%p= s_('ClusterIntegration|Kubernetes clusters allow you to use review apps, deploy your applications, run your pipelines, and much more in an easy way. %{link_to_help_page}').html_safe % { link_to_help_page: link_to_help_page}
- if can?(current_user, :create_cluster, @project)
.text-center
= link_to s_('ClusterIntegration|Add Kubernetes cluster'), new_project_cluster_path(@project), class: 'btn btn-success'
......@@ -35,9 +35,10 @@
- unless @commit.has_been_reverted?(current_user)
%li.clearfix
= revert_commit_link(@commit, project_commit_path(@project, @commit.id), has_tooltip: false)
- if can_collaborate_with_project?
%li.clearfix
= cherry_pick_commit_link(@commit, project_commit_path(@project, @commit.id), has_tooltip: false)
- if can_collaborate_with_project?
- if can?(current_user, :push_code, @project)
%li.clearfix
= link_to s_("CreateTag|Tag"), new_project_tag_path(@project, ref: @commit)
%li.divider
......
......@@ -2,7 +2,8 @@
= icon('rss')
- if @can_bulk_update
= button_tag "Edit issues", class: "btn btn-default append-right-10 js-bulk-update-toggle"
= link_to "New issue", new_project_issue_path(@project,
- if !current_user || can?(current_user, :create_issue, @project)
= link_to "New issue", new_project_issue_path(@project,
issue: { assignee_id: finder.assignee.try(:id),
milestone_id: finder.milestones.first.try(:id) }),
class: "btn btn-new",
......
......@@ -28,7 +28,7 @@
= icon('history')
.btn-container.controls-item
= render 'projects/buttons/download', project: @project, ref: @tag.name
- if can?(current_user, :admin_project, @project)
- if can?(current_user, :push_code, @project) && can?(current_user, :admin_project, @project)
.btn-container.controls-item-full
= link_to project_tag_path(@project, @tag.name), class: "btn btn-remove remove-row has-tooltip #{protected_tag?(@project, @tag) ? 'disabled' : ''}", title: s_('TagsPage|Delete tag'), method: :delete, data: { confirm: s_('TagsPage|Deleting the %{tag_name} tag cannot be undone. Are you sure?') % { tag_name: @tag.name } } do
%i.fa.fa-trash-o
......
......@@ -61,6 +61,7 @@
= link_to fork_path, method: :post do
#{ _('New directory') }
- if can?(current_user, :push_code, @project)
%li.divider
%li.dropdown-header
#{ _('This repository') }
......
......@@ -47,6 +47,7 @@
class: 'text-danger'
.pull-right.hidden-xs.hidden-sm
- if can?(current_user, :admin_label, label)
- if label.is_a?(ProjectLabel) && label.project.group && can?(current_user, :admin_label, label.project.group)
%button.js-promote-project-label-button.btn.btn-transparent.btn-action.has-tooltip{ title: _('Promote to Group Label'),
disabled: true,
......@@ -60,7 +61,6 @@
container: 'body',
toggle: 'modal' } }
= sprite_icon('level-up')
- if can?(current_user, :admin_label, label)
= link_to edit_label_path(label), title: "Edit", class: 'btn btn-transparent btn-action', data: {toggle: "tooltip"} do
%span.sr-only Edit
= sprite_icon('pencil')
......
......@@ -7,6 +7,8 @@ describe 'projects/commit/_commit_box.html.haml' do
before do
assign(:project, project)
assign(:commit, project.commit)
assign(:current_user, user)
allow(view).to receive(:current_user).and_return(user)
allow(view).to receive(:can_collaborate_with_project?).and_return(false)
end
......@@ -47,7 +49,8 @@ describe 'projects/commit/_commit_box.html.haml' do
context 'viewing a commit' do
context 'as a developer' do
before do
expect(view).to receive(:can_collaborate_with_project?).and_return(true)
project.add_developer(user)
allow(view).to receive(:can_collaborate_with_project?).and_return(true)
end
it 'has a link to create a new tag' do
......@@ -58,10 +61,6 @@ describe 'projects/commit/_commit_box.html.haml' do
end
context 'as a non-developer' do
before do
expect(view).to receive(:can_collaborate_with_project?).and_return(false)
end
it 'does not have a link to create a new tag' do
render
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment