Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
37fc82ac
Commit
37fc82ac
authored
Nov 19, 2015
by
Douwe Maan
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Resolve conflicts
parent
ed2a8ba6
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
29 additions
and
82 deletions
+29
-82
app/controllers/groups/group_members_controller.rb
app/controllers/groups/group_members_controller.rb
+6
-23
app/controllers/projects/project_members_controller.rb
app/controllers/projects/project_members_controller.rb
+6
-13
app/models/ability.rb
app/models/ability.rb
+14
-33
app/models/member.rb
app/models/member.rb
+2
-6
app/models/project.rb
app/models/project.rb
+1
-7
No files found.
app/controllers/groups/group_members_controller.rb
View file @
37fc82ac
...
...
@@ -39,40 +39,25 @@ class Groups::GroupMembersController < Groups::ApplicationController
return
render_403
unless
can?
(
current_user
,
:update_group_member
,
@group_member
)
<<<<<<<
HEAD
old_access_level
=
@member
.
human_access
old_access_level
=
@group_member
.
human_access
if
@member
.
update_attributes
(
member_params
)
log_audit_event
(
@member
,
action: :update
,
old_access_level:
old_access_level
)
if
@
group_
member
.
update_attributes
(
member_params
)
log_audit_event
(
@
group_
member
,
action: :update
,
old_access_level:
old_access_level
)
end
=======
@group_member
.
update_attributes
(
member_params
)
>>>>>>>
ce
/
8
-
2
-
stable
end
def
destroy
@group_member
=
@group
.
group_members
.
find
(
params
[
:id
])
<<<<<<<
HEAD
if
can?
(
current_user
,
:destroy_group_member
,
@group_member
)
# May fail if last owner.
@group_member
.
destroy
log_audit_event
(
@group_member
,
action: :destroy
)
respond_to
do
|
format
|
format
.
html
{
redirect_to
group_group_members_path
(
@group
),
notice:
'User was successfully removed from group.'
}
format
.
js
{
render
nothing:
true
}
end
else
return
render_403
=======
return
render_403
unless
can?
(
current_user
,
:destroy_group_member
,
@group_member
)
@group_member
.
destroy
log_audit_event
(
@group_member
,
action: :destroy
)
respond_to
do
|
format
|
format
.
html
{
redirect_to
group_group_members_path
(
@group
),
notice:
'User was successfully removed from group.'
}
format
.
js
{
render
nothing:
true
}
>>>>>>>
ce
/
8
-
2
-
stable
end
end
...
...
@@ -95,10 +80,8 @@ class Groups::GroupMembersController < Groups::ApplicationController
if
can?
(
current_user
,
:destroy_group_member
,
@group_member
)
@group_member
.
destroy
<<<<<<<
HEAD
log_audit_event
(
@group_member
,
action: :destroy
)
=======
>>>>>>>
ce
/
8
-
2
-
stable
redirect_to
(
dashboard_groups_path
,
notice:
"You left
#{
group
.
name
}
group."
)
else
...
...
app/controllers/projects/project_members_controller.rb
View file @
37fc82ac
...
...
@@ -43,18 +43,14 @@ class Projects::ProjectMembersController < Projects::ApplicationController
def
update
@project_member
=
@project
.
project_members
.
find
(
params
[
:id
])
<<<<<<<
HEAD
return
render_403
unless
can?
(
current_user
,
:update_project_member
,
@project_member
)
old_access_level
=
@project_member
.
human_access
if
@project_member
.
update_attributes
(
member_params
)
log_audit_event
(
@project_member
,
action: :update
,
old_access_level:
old_access_level
)
end
=======
return
render_403
unless
can?
(
current_user
,
:update_project_member
,
@project_member
)
@project_member
.
update_attributes
(
member_params
)
>>>>>>>
ce
/
8
-
2
-
stable
end
def
destroy
...
...
@@ -63,6 +59,7 @@ class Projects::ProjectMembersController < Projects::ApplicationController
return
render_403
unless
can?
(
current_user
,
:destroy_project_member
,
@project_member
)
@project_member
.
destroy
log_audit_event
(
@project_member
,
action: :destroy
)
respond_to
do
|
format
|
...
...
@@ -90,14 +87,10 @@ class Projects::ProjectMembersController < Projects::ApplicationController
def
leave
@project_member
=
@project
.
project_members
.
find_by
(
user_id:
current_user
)
<<<<<<<
HEAD
@project_member
=
@project
.
project_members
.
find_by
(
user_id:
current_user
)
@project_member
.
destroy
log_audit_event
(
@project_member
,
action: :destroy
)
=======
if
can?
(
current_user
,
:destroy_project_member
,
@project_member
)
@project_member
.
destroy
>>>>>>>
ce
/
8
-
2
-
stable
log_audit_event
(
@project_member
,
action: :destroy
)
respond_to
do
|
format
|
format
.
html
{
redirect_to
dashboard_projects_path
,
notice:
"You left the project."
}
...
...
app/models/ability.rb
View file @
37fc82ac
...
...
@@ -5,18 +5,18 @@ class Ability
return
[]
unless
user
.
kind_of?
(
User
)
return
[]
if
user
.
blocked?
<<<<<<<
HEAD
abilities
=
abilities
=
case
subject
.
class
.
name
when
"Project"
then
project_abilities
(
user
,
subject
)
when
"Issue"
then
issue_abilities
(
user
,
subject
)
when
"Note"
then
note_abilities
(
user
,
subject
)
when
"ProjectSnippet"
then
project_snippet_abilities
(
user
,
subject
)
when
"PersonalSnippet"
then
personal_snippet_abilities
(
user
,
subject
)
when
"MergeRequest"
then
merge_request_abilities
(
user
,
subject
)
when
"Group"
then
group_abilities
(
user
,
subject
)
when
"Namespace"
then
namespace_abilities
(
user
,
subject
)
when
"GroupMember"
then
group_member_abilities
(
user
,
subject
)
when
"Project"
then
project_abilities
(
user
,
subject
)
when
"Issue"
then
issue_abilities
(
user
,
subject
)
when
"Note"
then
note_abilities
(
user
,
subject
)
when
"ProjectSnippet"
then
project_snippet_abilities
(
user
,
subject
)
when
"PersonalSnippet"
then
personal_snippet_abilities
(
user
,
subject
)
when
"MergeRequest"
then
merge_request_abilities
(
user
,
subject
)
when
"Group"
then
group_abilities
(
user
,
subject
)
when
"Namespace"
then
namespace_abilities
(
user
,
subject
)
when
"GroupMember"
then
group_member_abilities
(
user
,
subject
)
when
"ProjectMember"
then
project_member_abilities
(
user
,
subject
)
else
[]
end
...
...
@@ -34,21 +34,6 @@ class Ability
:push_code
,
:push_code_to_protected_branches
]
=======
case
subject
.
class
.
name
when
"Project"
then
project_abilities
(
user
,
subject
)
when
"Issue"
then
issue_abilities
(
user
,
subject
)
when
"Note"
then
note_abilities
(
user
,
subject
)
when
"ProjectSnippet"
then
project_snippet_abilities
(
user
,
subject
)
when
"PersonalSnippet"
then
personal_snippet_abilities
(
user
,
subject
)
when
"MergeRequest"
then
merge_request_abilities
(
user
,
subject
)
when
"Group"
then
group_abilities
(
user
,
subject
)
when
"Namespace"
then
namespace_abilities
(
user
,
subject
)
when
"GroupMember"
then
group_member_abilities
(
user
,
subject
)
when
"ProjectMember"
then
project_member_abilities
(
user
,
subject
)
else
[]
end
.
concat
(
global_abilities
(
user
))
>>>>>>>
ce
/
8
-
2
-
stable
end
# List of possible abilities
...
...
@@ -275,15 +260,11 @@ class Ability
:admin_group
,
:admin_namespace
,
:admin_group_member
<<<<<<<
HEAD
])
]
unless
group
.
ldap_synced?
rules
<<
:admin_group_member
if
group
.
ldap_synced?
rules
.
delete
(
:admin_group_member
)
end
=======
]
>>>>>>>
ce
/
8
-
2
-
stable
end
rules
.
flatten
...
...
app/models/member.rb
View file @
37fc82ac
...
...
@@ -96,23 +96,19 @@ class Member < ActiveRecord::Base
member
.
created_by
||=
current_user
member
.
access_level
=
access_level
member
.
skip_notification
=
skip_notification
member
.
save
end
end
private
<<<<<<<
HEAD
member
.
skip_notification
=
skip_notification
member
.
save
=======
def
can_update_member?
(
current_user
,
member
)
# There is no current user for bulk actions, in which case anything is allowed
!
current_user
||
current_user
.
can?
(
:update_group_member
,
member
)
||
current_user
.
can?
(
:update_project_member
,
member
)
>>>>>>>
ce
/
8
-
2
-
stable
end
end
...
...
app/models/project.rb
View file @
37fc82ac
...
...
@@ -42,7 +42,7 @@ class Project < ActiveRecord::Base
include
Sortable
include
AfterCommitQueue
include
CaseSensitivity
extend
Gitlab
::
ConfigHelper
extend
Enumerize
...
...
@@ -336,7 +336,6 @@ class Project < ActiveRecord::Base
end
def
add_import_job
<<<<<<<
HEAD
if
repository_exists?
if
mirror?
RepositoryUpdateMirrorWorker
.
perform_async
(
self
.
id
)
...
...
@@ -345,8 +344,6 @@ class Project < ActiveRecord::Base
return
end
=======
>>>>>>>
ce
/
8
-
2
-
stable
if
forked?
RepositoryForkWorker
.
perform_async
(
self
.
id
,
forked_from_project
.
path_with_namespace
,
self
.
namespace
.
path
)
else
...
...
@@ -394,7 +391,6 @@ class Project < ActiveRecord::Base
original_url
end
<<<<<<<
HEAD
def
mirror_updated?
mirror?
&&
self
.
mirror_last_update_at
end
...
...
@@ -443,8 +439,6 @@ class Project < ActiveRecord::Base
repository
.
fetch_upstream
(
self
.
import_url
)
end
=======
>>>>>>>
ce
/
8
-
2
-
stable
def
check_limit
unless
creator
.
can_create_project?
or
namespace
.
kind
==
'group'
errors
[
:limit_reached
]
<<
(
"Your project limit is
#{
creator
.
projects_limit
}
projects! Please contact your administrator to increase it"
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
