block visibility level restriction override in controller

68fd66c6 · Job van der Voort · d4180875 · 68fd66c6 · 68fd66c6
Commit 68fd66c6 authored Aug 28, 2014 by Job van der Voort
Hide whitespace changes
Inline Side-by-side

Showing with 16 additions and 2 deletions

lib/gitlab/visibility_level.rb lib/gitlab/visibility_level.rb +15 -1

spec/services/projects/update_service_spec.rb spec/services/projects/update_service_spec.rb +1 -1

No files found.
--- a/lib/gitlab/visibility_level.rb
+++ b/lib/gitlab/visibility_level.rb
@@ -23,7 +23,21 @@ module Gitlab
      end
      def allowed_for?(user, level)
-        user.is_admin? || !Gitlab.config.gitlab.restricted_visibility_levels.include?(level)
+        user.is_admin? || allowed_level?(level)
+      end
+      # Level can be a string `"public"` or a value `20`, first check if valid,
+      # then check if the corresponding string appears in the config
+      def allowed_level?(level)
+        if options.has_key?(level.to_s)
+          non_restricted_level?(level)
+        elsif options.has_value?(level.to_i)
+          non_restricted_level?(options.key(level.to_i).downcase)
+        end
+      end
+      def non_restricted_level?(level)
+        ! Gitlab.config.gitlab.restricted_visibility_levels.include?(level)
      end
    end

--- a/spec/services/projects/update_service_spec.rb
+++ b/spec/services/projects/update_service_spec.rb
@@ -48,7 +48,7 @@ describe Projects::UpdateService do
    context 'respect configured visibility restrictions setting' do
      before(:each) do
        @restrictions = double("restrictions")
-        @restrictions.stub(:restricted_visibility_levels) { [ Gitlab::VisibilityLevel::PUBLIC ] }
+        @restrictions.stub(:restricted_visibility_levels) { [ "public" ] }
        Settings.stub_chain(:gitlab).and_return(@restrictions)
      end