summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJose Ivan Vargas <jvargas@gitlab.com>2017-03-14 12:00:00 -0600
committerJose Ivan Vargas <jvargas@gitlab.com>2017-03-14 12:00:00 -0600
commit30f99608ffa5a4ce3d403276df5d68a23ec9b338 (patch)
tree6a29d867201c9dab3848524cc8ebf07b9ecda9ff
parentf47946591a52536c7dd7d02d11ffb7390549470b (diff)
downloadgitlab-ce-30f99608ffa5a4ce3d403276df5d68a23ec9b338.tar.gz
Fixed some missing permission conditions
-rw-r--r--app/views/groups/_settings_head.html.haml11
-rw-r--r--app/views/layouts/nav/_group.html.haml12
2 files changed, 12 insertions, 11 deletions
diff --git a/app/views/groups/_settings_head.html.haml b/app/views/groups/_settings_head.html.haml
index d225f7ed3c0..d99426bc2c1 100644
--- a/app/views/groups/_settings_head.html.haml
+++ b/app/views/groups/_settings_head.html.haml
@@ -1,3 +1,5 @@
+- can_admin_group = can?(current_user, :admin_group, @group)
+- can_edit = can?(current_user, :admin_group, @group)
= content_for :sub_nav do
.scrolling-tabs-container.sub-nav-scroll
= render 'shared/nav_scroll'
@@ -8,7 +10,8 @@
%span
Projects
- = nav_link(path: 'groups#edit') do
- = link_to edit_group_path(@group), title: 'Edit Group' do
- %span
- Edit Group
+ - if can_edit && can_admin_group
+ = nav_link(path: 'groups#edit') do
+ = link_to edit_group_path(@group), title: 'Edit Group' do
+ %span
+ Edit Group
diff --git a/app/views/layouts/nav/_group.html.haml b/app/views/layouts/nav/_group.html.haml
index 9de0e344196..b2ecf6504e0 100644
--- a/app/views/layouts/nav/_group.html.haml
+++ b/app/views/layouts/nav/_group.html.haml
@@ -1,5 +1,4 @@
- can_admin_group = can?(current_user, :admin_group, @group)
-- can_edit = can?(current_user, :admin_group, @group)
.scrolling-tabs-container{ class: nav_control_class }
.fade-left
= icon('angle-left')
@@ -26,9 +25,8 @@
= link_to group_group_members_path(@group), title: 'Members' do
%span
Members
- - if current_user
- - if can_admin_group || can_edit
- = nav_link(path: %w[groups#projects groups#edit]) do
- = link_to projects_group_path(@group), title: 'Settings' do
- %span
- Settings
+ - if current_user && can_admin_group
+ = nav_link(path: %w[groups#projects groups#edit]) do
+ = link_to projects_group_path(@group), title: 'Settings' do
+ %span
+ Settings