diff options
author | Douwe Maan <douwe@gitlab.com> | 2015-08-20 18:32:32 -0700 |
---|---|---|
committer | Douwe Maan <douwe@gitlab.com> | 2015-08-20 18:32:32 -0700 |
commit | 77e508d8fd7a915f5ae221f5e4d6022560398a9e (patch) | |
tree | 5f84fab8734834d5600ae3cfde9b3374d9e2cec0 | |
parent | 2de0935e276e45ac0090d32fd345593c2db92a5b (diff) | |
download | gitlab-ce-fix-fork-mr-labels.tar.gz |
Fix bug where non-project members of the target project could set labels on new merge requests.fix-fork-mr-labels
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | app/views/shared/issuable/_form.html.haml | 2 |
2 files changed, 2 insertions, 1 deletions
diff --git a/CHANGELOG b/CHANGELOG index 54f83e5aeac..17b063536df 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -9,6 +9,7 @@ v 8.0.0 (unreleased) - Allow configuration of import sources for new projects (Artem Sidorenko) v 7.14.0 (unreleased) + - Fix bug where non-project members of the target project could set labels on new merge requests. - Update default robots.txt rules to disallow crawling of irrelevant pages (Ben Bodenmiller) - Fix redirection after sign in when using auto_sign_in_with_provider - Upgrade gitlab_git to 7.2.14 to ignore CRLFs in .gitmodules (Stan Hu) diff --git a/app/views/shared/issuable/_form.html.haml b/app/views/shared/issuable/_form.html.haml index 3489bf3f191..f6b09de3839 100644 --- a/app/views/shared/issuable/_form.html.haml +++ b/app/views/shared/issuable/_form.html.haml @@ -38,7 +38,7 @@ .clearfix .error-alert %hr -- if can?(current_user, :"admin_#{issuable.to_ability_name}", @project) +- if can?(current_user, :"admin_#{issuable.to_ability_name}", issuable.project) .form-group .issue-assignee = f.label :assignee_id, class: 'control-label' do |