remove Ability.abilities

5853c96b · http://jneen.net/ · c218dd90 · 5853c96b · 5853c96b · 5853c96b
Commit 5853c96b authored Aug 08, 2016 by http://jneen.net/
18 changed files
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -24,7 +24,7 @@ class ApplicationController < ActionController::Base

  protect_from_forgery with: :exception

-  helper_method :abilities, :can?, :current_application_settings
+  helper_method :can?, :current_application_settings
  helper_method :import_sources_enabled?, :github_import_enabled?, :github_import_configured?, :gitlab_import_enabled?, :gitlab_import_configured?, :bitbucket_import_enabled?, :bitbucket_import_configured?, :google_code_import_enabled?, :fogbugz_import_enabled?, :git_import_enabled?, :gitlab_project_import_enabled?

  rescue_from Encoding::CompatibilityError do |exception|
@@ -97,12 +97,8 @@ class ApplicationController < ActionController::Base
    current_application_settings.after_sign_out_path.presence || new_user_session_path
  end

-  def abilities
-    Ability.abilities
-  end
-
  def can?(object, action, subject)
-    abilities.allowed?(object, action, subject)
+    Ability.allowed?(object, action, subject)
  end

  def access_denied!

--- a/app/finders/issuable_finder.rb
+++ b/app/finders/issuable_finder.rb
@@ -64,7 +64,7 @@ class IssuableFinder
    if project?
      @project = Project.find(params[:project_id])

-      unless Ability.abilities.allowed?(current_user, :read_project, @project)
+      unless Ability.allowed?(current_user, :read_project, @project)
        @project = nil
      end
    else

--- a/app/finders/todos_finder.rb
+++ b/app/finders/todos_finder.rb
@@ -83,7 +83,7 @@ class TodosFinder
    if project?
      @project = Project.find(params[:project_id])

-      unless Ability.abilities.allowed?(current_user, :read_project, @project)
+      unless Ability.allowed?(current_user, :read_project, @project)
        @project = nil
      end
    else

--- a/app/mailers/base_mailer.rb
+++ b/app/mailers/base_mailer.rb
@@ -9,7 +9,7 @@ class BaseMailer < ActionMailer::Base
  default reply_to: Proc.new { default_reply_to_address.format }

  def can?
-    Ability.abilities.allowed?(current_user, action, subject)
+    Ability.allowed?(current_user, action, subject)
  end

  private

--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -592,11 +592,6 @@ class Ability
      [:read_user]
    end

-    def abilities
-      warn 'Ability.abilities is deprecated, use Ability.allowed?(user, action, subject) instead'
-      self
-    end
-
    def restricted_public_level?
      current_application_settings.restricted_visibility_levels.include?(Gitlab::VisibilityLevel::PUBLIC)
    end

--- a/app/models/event.rb
+++ b/app/models/event.rb
@@ -65,7 +65,7 @@ class Event < ActiveRecord::Base
    elsif created_project?
      true
    elsif issue? || issue_note?
-      Ability.abilities.allowed?(user, :read_issue, note? ? note_target : target)
+      Ability.allowed?(user, :read_issue, note? ? note_target : target)
    else
      ((merge_request? || note?) && target.present?) || milestone?
    end

--- a/app/models/merge_request.rb
+++ b/app/models/merge_request.rb
@@ -411,7 +411,7 @@ class MergeRequest < ActiveRecord::Base
  def can_remove_source_branch?(current_user)
    !source_project.protected_branch?(source_branch) &&
      !source_project.root_ref?(source_branch) &&
-      Ability.abilities.allowed?(current_user, :push_code, source_project) &&
+      Ability.allowed?(current_user, :push_code, source_project) &&
      diff_head_commit == source_branch_head
  end


--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -460,16 +460,12 @@ class User < ActiveRecord::Base
    can?(:create_group, nil)
  end

-  def abilities
-    Ability.abilities
-  end
-
  def can_select_namespace?
    several_namespaces? || admin
  end

  def can?(action, subject)
-    abilities.allowed?(self, action, subject)
+    Ability.allowed?(self, action, subject)
  end

  def first_name

--- a/app/services/base_service.rb
+++ b/app/services/base_service.rb
@@ -7,12 +7,8 @@ class BaseService
    @project, @current_user, @params = project, user, params.dup
  end

-  def abilities
-    Ability.abilities
-  end
-
  def can?(object, action, subject)
-    abilities.allowed?(object, action, subject)
+    Ability.allowed?(object, action, subject)
  end

  def notification_service

--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -148,7 +148,7 @@ module API
    end

    def can?(object, action, subject)
-      abilities.allowed?(object, action, subject)
+      Ability.allowed?(object, action, subject)
    end

    # Checks the occurrences of required attributes, each attribute must be present in the params hash
@@ -408,10 +408,6 @@ module API
      links.join(', ')
    end

-    def abilities
-      Ability
-    end
-
    def secret_token
      File.read(Gitlab.config.gitlab_shell.secret_file).chomp
    end

--- a/lib/banzai/reference_parser/base_parser.rb
+++ b/lib/banzai/reference_parser/base_parser.rb
@@ -211,7 +211,7 @@ module Banzai
      end

      def can?(user, permission, subject)
-        Ability.abilities.allowed?(user, permission, subject)
+        Ability.allowed?(user, permission, subject)
      end

      def find_projects_for_hash_keys(hash)

--- a/spec/controllers/projects/boards/issues_controller_spec.rb
+++ b/spec/controllers/projects/boards/issues_controller_spec.rb
@@ -41,8 +41,8 @@ describe Projects::Boards::IssuesController do

    context 'with unauthorized user' do
      before do
-        allow(Ability.abilities).to receive(:allowed?).with(user, :read_project, project).and_return(true)
-        allow(Ability.abilities).to receive(:allowed?).with(user, :read_issue, project).and_return(false)
+        allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
+        allow(Ability).to receive(:allowed?).with(user, :read_issue, project).and_return(false)
      end

      it 'returns a successful 403 response' do

--- a/spec/controllers/projects/boards/lists_controller_spec.rb
+++ b/spec/controllers/projects/boards/lists_controller_spec.rb
@@ -35,8 +35,8 @@ describe Projects::Boards::ListsController do

    context 'with unauthorized user' do
      before do
-        allow(Ability.abilities).to receive(:allowed?).with(user, :read_project, project).and_return(true)
-        allow(Ability.abilities).to receive(:allowed?).with(user, :read_list, project).and_return(false)
+        allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
+        allow(Ability).to receive(:allowed?).with(user, :read_list, project).and_return(false)
      end

      it 'returns a successful 403 response' do

--- a/spec/controllers/projects/boards_controller_spec.rb
+++ b/spec/controllers/projects/boards_controller_spec.rb
@@ -23,8 +23,8 @@ describe Projects::BoardsController do

    context 'with unauthorized user' do
      before do
-        allow(Ability.abilities).to receive(:allowed?).with(user, :read_project, project).and_return(true)
-        allow(Ability.abilities).to receive(:allowed?).with(user, :read_board, project).and_return(false)
+        allow(Ability).to receive(:allowed?).with(user, :read_project, project).and_return(true)
+        allow(Ability).to receive(:allowed?).with(user, :read_board, project).and_return(false)
      end

      it 'returns a successful 404 response' do

--- a/spec/lib/banzai/reference_parser/base_parser_spec.rb
+++ b/spec/lib/banzai/reference_parser/base_parser_spec.rb
@@ -30,7 +30,7 @@ describe Banzai::ReferenceParser::BaseParser, lib: true do
      it 'returns the nodes if the attribute value equals the current project ID' do
        link['data-project'] = project.id.to_s

-        expect(Ability.abilities).not_to receive(:allowed?)
+        expect(Ability).not_to receive(:allowed?)
        expect(subject.nodes_visible_to_user(user, [link])).to eq([link])
      end

@@ -39,7 +39,7 @@ describe Banzai::ReferenceParser::BaseParser, lib: true do

        link['data-project'] = other_project.id.to_s

-        expect(Ability.abilities).to receive(:allowed?).
+        expect(Ability).to receive(:allowed?).
          with(user, :read_project, other_project).
          and_return(true)

@@ -57,7 +57,7 @@ describe Banzai::ReferenceParser::BaseParser, lib: true do

        link['data-project'] = other_project.id.to_s

-        expect(Ability.abilities).to receive(:allowed?).
+        expect(Ability).to receive(:allowed?).
          with(user, :read_project, other_project).
          and_return(false)

@@ -221,7 +221,7 @@ describe Banzai::ReferenceParser::BaseParser, lib: true do
    it 'delegates the permissions check to the Ability class' do
      user = double(:user)

-      expect(Ability.abilities).to receive(:allowed?).
+      expect(Ability).to receive(:allowed?).
        with(user, :read_project, project)

      subject.can?(user, :read_project, project)

--- a/spec/lib/banzai/reference_parser/user_parser_spec.rb
+++ b/spec/lib/banzai/reference_parser/user_parser_spec.rb
@@ -82,7 +82,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do
        end

        it 'returns the nodes if the user can read the group' do
-          expect(Ability.abilities).to receive(:allowed?).
+          expect(Ability).to receive(:allowed?).
            with(user, :read_group, group).
            and_return(true)

@@ -90,7 +90,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do
        end

        it 'returns an empty Array if the user can not read the group' do
-          expect(Ability.abilities).to receive(:allowed?).
+          expect(Ability).to receive(:allowed?).
            with(user, :read_group, group).
            and_return(false)

@@ -103,7 +103,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do
          it 'returns the nodes if the attribute value equals the current project ID' do
            link['data-project'] = project.id.to_s

-            expect(Ability.abilities).not_to receive(:allowed?)
+            expect(Ability).not_to receive(:allowed?)

            expect(subject.nodes_visible_to_user(user, [link])).to eq([link])
          end
@@ -113,7 +113,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do

            link['data-project'] = other_project.id.to_s

-            expect(Ability.abilities).to receive(:allowed?).
+            expect(Ability).to receive(:allowed?).
              with(user, :read_project, other_project).
              and_return(true)

@@ -125,7 +125,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do

            link['data-project'] = other_project.id.to_s

-            expect(Ability.abilities).to receive(:allowed?).
+            expect(Ability).to receive(:allowed?).
              with(user, :read_project, other_project).
              and_return(false)


--- a/spec/models/members/project_member_spec.rb
+++ b/spec/models/members/project_member_spec.rb
@@ -71,8 +71,6 @@ describe ProjectMember, models: true do

  describe :import_team do
    before do
-      @abilities = Ability
-
      @project_1 = create :project
      @project_2 = create :project

@@ -91,8 +89,8 @@ describe ProjectMember, models: true do
      it { expect(@project_2.users).to include(@user_1) }
      it { expect(@project_2.users).to include(@user_2) }

-      it { expect(@abilities.allowed?(@user_1, :create_project, @project_2)).to be_truthy }
-      it { expect(@abilities.allowed?(@user_2, :read_project, @project_2)).to be_truthy }
+      it { expect(Ability.allowed?(@user_1, :create_project, @project_2)).to be_truthy }
+      it { expect(Ability.allowed?(@user_2, :read_project, @project_2)).to be_truthy }
    end

    describe 'project 1 should not be changed' do

--- a/spec/models/note_spec.rb
+++ b/spec/models/note_spec.rb
@@ -85,7 +85,6 @@ describe Note, models: true do
      @u1 = create(:user)
      @u2 = create(:user)
      @u3 = create(:user)
-      @abilities = Ability
    end

    describe 'read' do
@@ -94,9 +93,9 @@ describe Note, models: true do
        @p2.project_members.create(user: @u3, access_level: ProjectMember::GUEST)
      end

-      it { expect(@abilities.allowed?(@u1, :read_note, @p1)).to be_falsey }
-      it { expect(@abilities.allowed?(@u2, :read_note, @p1)).to be_truthy }
-      it { expect(@abilities.allowed?(@u3, :read_note, @p1)).to be_falsey }
+      it { expect(Ability.allowed?(@u1, :read_note, @p1)).to be_falsey }
+      it { expect(Ability.allowed?(@u2, :read_note, @p1)).to be_truthy }
+      it { expect(Ability.allowed?(@u3, :read_note, @p1)).to be_falsey }
    end

    describe 'write' do
@@ -105,9 +104,9 @@ describe Note, models: true do
        @p2.project_members.create(user: @u3, access_level: ProjectMember::DEVELOPER)
      end

-      it { expect(@abilities.allowed?(@u1, :create_note, @p1)).to be_falsey }
-      it { expect(@abilities.allowed?(@u2, :create_note, @p1)).to be_truthy }
-      it { expect(@abilities.allowed?(@u3, :create_note, @p1)).to be_falsey }
+      it { expect(Ability.allowed?(@u1, :create_note, @p1)).to be_falsey }
+      it { expect(Ability.allowed?(@u2, :create_note, @p1)).to be_truthy }
+      it { expect(Ability.allowed?(@u3, :create_note, @p1)).to be_falsey }
    end

    describe 'admin' do
@@ -117,9 +116,9 @@ describe Note, models: true do
        @p2.project_members.create(user: @u3, access_level: ProjectMember::MASTER)
      end

-      it { expect(@abilities.allowed?(@u1, :admin_note, @p1)).to be_falsey }
-      it { expect(@abilities.allowed?(@u2, :admin_note, @p1)).to be_truthy }
-      it { expect(@abilities.allowed?(@u3, :admin_note, @p1)).to be_falsey }
+      it { expect(Ability.allowed?(@u1, :admin_note, @p1)).to be_falsey }
+      it { expect(Ability.allowed?(@u2, :admin_note, @p1)).to be_truthy }
+      it { expect(Ability.allowed?(@u3, :admin_note, @p1)).to be_falsey }
    end
  end