Commit 5853c96b authored by http://jneen.net/'s avatar http://jneen.net/

remove Ability.abilities

parent c218dd90
......@@ -24,7 +24,7 @@ class ApplicationController < ActionController::Base
protect_from_forgery with: :exception
helper_method :abilities, :can?, :current_application_settings
helper_method :can?, :current_application_settings
helper_method :import_sources_enabled?, :github_import_enabled?, :github_import_configured?, :gitlab_import_enabled?, :gitlab_import_configured?, :bitbucket_import_enabled?, :bitbucket_import_configured?, :google_code_import_enabled?, :fogbugz_import_enabled?, :git_import_enabled?, :gitlab_project_import_enabled?
rescue_from Encoding::CompatibilityError do |exception|
......@@ -97,12 +97,8 @@ class ApplicationController < ActionController::Base
current_application_settings.after_sign_out_path.presence || new_user_session_path
end
def abilities
Ability.abilities
end
def can?(object, action, subject)
abilities.allowed?(object, action, subject)
Ability.allowed?(object, action, subject)
end
def access_denied!
......
......@@ -64,7 +64,7 @@ class IssuableFinder
if project?
@project = Project.find(params[:project_id])
unless Ability.abilities.allowed?(current_user, :read_project, @project)
unless Ability.allowed?(current_user, :read_project, @project)
@project = nil
end
else
......
......@@ -83,7 +83,7 @@ class TodosFinder
if project?
@project = Project.find(params[:project_id])
unless Ability.abilities.allowed?(current_user, :read_project, @project)
unless Ability.allowed?(current_user, :read_project, @project)
@project = nil
end
else
......
......@@ -9,7 +9,7 @@ class BaseMailer < ActionMailer::Base
default reply_to: Proc.new { default_reply_to_address.format }
def can?
Ability.abilities.allowed?(current_user, action, subject)
Ability.allowed?(current_user, action, subject)
end
private
......
......@@ -592,11 +592,6 @@ class Ability
[:read_user]
end
def abilities
warn 'Ability.abilities is deprecated, use Ability.allowed?(user, action, subject) instead'
self
end
def restricted_public_level?
current_application_settings.restricted_visibility_levels.include?(Gitlab::VisibilityLevel::PUBLIC)
end
......
......@@ -65,7 +65,7 @@ class Event < ActiveRecord::Base
elsif created_project?
true
elsif issue? || issue_note?
Ability.abilities.allowed?(user, :read_issue, note? ? note_target : target)
Ability.allowed?(user, :read_issue, note? ? note_target : target)
else
((merge_request? || note?) && target.present?) || milestone?
end
......
......@@ -411,7 +411,7 @@ class MergeRequest < ActiveRecord::Base
def can_remove_source_branch?(current_user)
!source_project.protected_branch?(source_branch) &&
!source_project.root_ref?(source_branch) &&
Ability.abilities.allowed?(current_user, :push_code, source_project) &&
Ability.allowed?(current_user, :push_code, source_project) &&
diff_head_commit == source_branch_head
end
......
......@@ -460,16 +460,12 @@ class User < ActiveRecord::Base
can?(:create_group, nil)
end
def abilities
Ability.abilities
end
def can_select_namespace?
several_namespaces? || admin
end
def can?(action, subject)
abilities.allowed?(self, action, subject)
Ability.allowed?(self, action, subject)
end
def first_name
......
......@@ -7,12 +7,8 @@ class BaseService
@project, @current_user, @params = project, user, params.dup
end
def abilities
Ability.abilities
end
def can?(object, action, subject)
abilities.allowed?(object, action, subject)
Ability.allowed?(object, action, subject)
end
def notification_service
......
......@@ -148,7 +148,7 @@ module API
end
def can?(object, action, subject)
abilities.allowed?(object, action, subject)
Ability.allowed?(object, action, subject)
end
# Checks the occurrences of required attributes, each attribute must be present in the params hash
......@@ -408,10 +408,6 @@ module API
links.join(', ')
end
def abilities
Ability
end
def secret_token
File.read(Gitlab.config.gitlab_shell.secret_file).chomp
end
......
......@@ -211,7 +211,7 @@ module Banzai
end
def can?(user, permission, subject)
Ability.abilities.allowed?(user, permission, subject)
Ability.allowed?(user, permission, subject)
end
def find_projects_for_hash_keys(hash)
......
......@@ -41,8 +41,8 @@ describe Projects::Boards::IssuesController do
context 'with unauthorized user' do
before do
allow(Ability.abilities).to receive(:allowed?).with(user, :read_project, project).and_return(true)
allow(Ability.abilities).to receive(:allowed?).with(user, :read_issue, project).and_return(false)
allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
allow(Ability).to receive(:allowed?).with(user, :read_issue, project).and_return(false)
end
it 'returns a successful 403 response' do
......
......@@ -35,8 +35,8 @@ describe Projects::Boards::ListsController do
context 'with unauthorized user' do
before do
allow(Ability.abilities).to receive(:allowed?).with(user, :read_project, project).and_return(true)
allow(Ability.abilities).to receive(:allowed?).with(user, :read_list, project).and_return(false)
allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
allow(Ability).to receive(:allowed?).with(user, :read_list, project).and_return(false)
end
it 'returns a successful 403 response' do
......
......@@ -23,8 +23,8 @@ describe Projects::BoardsController do
context 'with unauthorized user' do
before do
allow(Ability.abilities).to receive(:allowed?).with(user, :read_project, project).and_return(true)
allow(Ability.abilities).to receive(:allowed?).with(user, :read_board, project).and_return(false)
allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
allow(Ability).to receive(:allowed?).with(user, :read_board, project).and_return(false)
end
it 'returns a successful 404 response' do
......
......@@ -30,7 +30,7 @@ describe Banzai::ReferenceParser::BaseParser, lib: true do
it 'returns the nodes if the attribute value equals the current project ID' do
link['data-project'] = project.id.to_s
expect(Ability.abilities).not_to receive(:allowed?)
expect(Ability).not_to receive(:allowed?)
expect(subject.nodes_visible_to_user(user, [link])).to eq([link])
end
......@@ -39,7 +39,7 @@ describe Banzai::ReferenceParser::BaseParser, lib: true do
link['data-project'] = other_project.id.to_s
expect(Ability.abilities).to receive(:allowed?).
expect(Ability).to receive(:allowed?).
with(user, :read_project, other_project).
and_return(true)
......@@ -57,7 +57,7 @@ describe Banzai::ReferenceParser::BaseParser, lib: true do
link['data-project'] = other_project.id.to_s
expect(Ability.abilities).to receive(:allowed?).
expect(Ability).to receive(:allowed?).
with(user, :read_project, other_project).
and_return(false)
......@@ -221,7 +221,7 @@ describe Banzai::ReferenceParser::BaseParser, lib: true do
it 'delegates the permissions check to the Ability class' do
user = double(:user)
expect(Ability.abilities).to receive(:allowed?).
expect(Ability).to receive(:allowed?).
with(user, :read_project, project)
subject.can?(user, :read_project, project)
......
......@@ -82,7 +82,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do
end
it 'returns the nodes if the user can read the group' do
expect(Ability.abilities).to receive(:allowed?).
expect(Ability).to receive(:allowed?).
with(user, :read_group, group).
and_return(true)
......@@ -90,7 +90,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do
end
it 'returns an empty Array if the user can not read the group' do
expect(Ability.abilities).to receive(:allowed?).
expect(Ability).to receive(:allowed?).
with(user, :read_group, group).
and_return(false)
......@@ -103,7 +103,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do
it 'returns the nodes if the attribute value equals the current project ID' do
link['data-project'] = project.id.to_s
expect(Ability.abilities).not_to receive(:allowed?)
expect(Ability).not_to receive(:allowed?)
expect(subject.nodes_visible_to_user(user, [link])).to eq([link])
end
......@@ -113,7 +113,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do
link['data-project'] = other_project.id.to_s
expect(Ability.abilities).to receive(:allowed?).
expect(Ability).to receive(:allowed?).
with(user, :read_project, other_project).
and_return(true)
......@@ -125,7 +125,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do
link['data-project'] = other_project.id.to_s
expect(Ability.abilities).to receive(:allowed?).
expect(Ability).to receive(:allowed?).
with(user, :read_project, other_project).
and_return(false)
......
......@@ -71,8 +71,6 @@ describe ProjectMember, models: true do
describe :import_team do
before do
@abilities = Ability
@project_1 = create :project
@project_2 = create :project
......@@ -91,8 +89,8 @@ describe ProjectMember, models: true do
it { expect(@project_2.users).to include(@user_1) }
it { expect(@project_2.users).to include(@user_2) }
it { expect(@abilities.allowed?(@user_1, :create_project, @project_2)).to be_truthy }
it { expect(@abilities.allowed?(@user_2, :read_project, @project_2)).to be_truthy }
it { expect(Ability.allowed?(@user_1, :create_project, @project_2)).to be_truthy }
it { expect(Ability.allowed?(@user_2, :read_project, @project_2)).to be_truthy }
end
describe 'project 1 should not be changed' do
......
......@@ -85,7 +85,6 @@ describe Note, models: true do
@u1 = create(:user)
@u2 = create(:user)
@u3 = create(:user)
@abilities = Ability
end
describe 'read' do
......@@ -94,9 +93,9 @@ describe Note, models: true do
@p2.project_members.create(user: @u3, access_level: ProjectMember::GUEST)
end
it { expect(@abilities.allowed?(@u1, :read_note, @p1)).to be_falsey }
it { expect(@abilities.allowed?(@u2, :read_note, @p1)).to be_truthy }
it { expect(@abilities.allowed?(@u3, :read_note, @p1)).to be_falsey }
it { expect(Ability.allowed?(@u1, :read_note, @p1)).to be_falsey }
it { expect(Ability.allowed?(@u2, :read_note, @p1)).to be_truthy }
it { expect(Ability.allowed?(@u3, :read_note, @p1)).to be_falsey }
end
describe 'write' do
......@@ -105,9 +104,9 @@ describe Note, models: true do
@p2.project_members.create(user: @u3, access_level: ProjectMember::DEVELOPER)
end
it { expect(@abilities.allowed?(@u1, :create_note, @p1)).to be_falsey }
it { expect(@abilities.allowed?(@u2, :create_note, @p1)).to be_truthy }
it { expect(@abilities.allowed?(@u3, :create_note, @p1)).to be_falsey }
it { expect(Ability.allowed?(@u1, :create_note, @p1)).to be_falsey }
it { expect(Ability.allowed?(@u2, :create_note, @p1)).to be_truthy }
it { expect(Ability.allowed?(@u3, :create_note, @p1)).to be_falsey }
end
describe 'admin' do
......@@ -117,9 +116,9 @@ describe Note, models: true do
@p2.project_members.create(user: @u3, access_level: ProjectMember::MASTER)
end
it { expect(@abilities.allowed?(@u1, :admin_note, @p1)).to be_falsey }
it { expect(@abilities.allowed?(@u2, :admin_note, @p1)).to be_truthy }
it { expect(@abilities.allowed?(@u3, :admin_note, @p1)).to be_falsey }
it { expect(Ability.allowed?(@u1, :admin_note, @p1)).to be_falsey }
it { expect(Ability.allowed?(@u2, :admin_note, @p1)).to be_truthy }
it { expect(Ability.allowed?(@u3, :admin_note, @p1)).to be_falsey }
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment