diff options
author | Jose Ivan Vargas <jvargas@gitlab.com> | 2017-03-14 12:00:00 -0600 |
---|---|---|
committer | Jose Ivan Vargas <jvargas@gitlab.com> | 2017-03-14 12:00:00 -0600 |
commit | 30f99608ffa5a4ce3d403276df5d68a23ec9b338 (patch) | |
tree | 6a29d867201c9dab3848524cc8ebf07b9ecda9ff | |
parent | f47946591a52536c7dd7d02d11ffb7390549470b (diff) | |
download | gitlab-ce-30f99608ffa5a4ce3d403276df5d68a23ec9b338.tar.gz |
Fixed some missing permission conditions
-rw-r--r-- | app/views/groups/_settings_head.html.haml | 11 | ||||
-rw-r--r-- | app/views/layouts/nav/_group.html.haml | 12 |
2 files changed, 12 insertions, 11 deletions
diff --git a/app/views/groups/_settings_head.html.haml b/app/views/groups/_settings_head.html.haml index d225f7ed3c0..d99426bc2c1 100644 --- a/app/views/groups/_settings_head.html.haml +++ b/app/views/groups/_settings_head.html.haml @@ -1,3 +1,5 @@ +- can_admin_group = can?(current_user, :admin_group, @group) +- can_edit = can?(current_user, :admin_group, @group) = content_for :sub_nav do .scrolling-tabs-container.sub-nav-scroll = render 'shared/nav_scroll' @@ -8,7 +10,8 @@ %span Projects - = nav_link(path: 'groups#edit') do - = link_to edit_group_path(@group), title: 'Edit Group' do - %span - Edit Group + - if can_edit && can_admin_group + = nav_link(path: 'groups#edit') do + = link_to edit_group_path(@group), title: 'Edit Group' do + %span + Edit Group diff --git a/app/views/layouts/nav/_group.html.haml b/app/views/layouts/nav/_group.html.haml index 9de0e344196..b2ecf6504e0 100644 --- a/app/views/layouts/nav/_group.html.haml +++ b/app/views/layouts/nav/_group.html.haml @@ -1,5 +1,4 @@ - can_admin_group = can?(current_user, :admin_group, @group) -- can_edit = can?(current_user, :admin_group, @group) .scrolling-tabs-container{ class: nav_control_class } .fade-left = icon('angle-left') @@ -26,9 +25,8 @@ = link_to group_group_members_path(@group), title: 'Members' do %span Members - - if current_user - - if can_admin_group || can_edit - = nav_link(path: %w[groups#projects groups#edit]) do - = link_to projects_group_path(@group), title: 'Settings' do - %span - Settings + - if current_user && can_admin_group + = nav_link(path: %w[groups#projects groups#edit]) do + = link_to projects_group_path(@group), title: 'Settings' do + %span + Settings |