diff options
| author | Vinnie Okada <vokada@mrvinn.com> | 2015-03-14 10:30:48 -0600 |
|---|---|---|
| committer | Vinnie Okada <vokada@mrvinn.com> | 2015-03-14 10:30:48 -0600 |
| commit | 5710c1aaf865d56013e272d2f32abe70d987eafc (patch) | |
| tree | 1bf268f976705e00d2cfdf6475a21df757d93d41 | |
| parent | 9623b71a3975bb442b85aa57146b788f96de6320 (diff) | |
| download | gitlab-ce-5710c1aaf865d56013e272d2f32abe70d987eafc.tar.gz | |
Update snippet authorization
Allow authors and admins to update the visibility level of personal and
project snippets.
| -rw-r--r-- | app/models/ability.rb | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/app/models/ability.rb b/app/models/ability.rb index 890417e780d..652c6001e08 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -225,13 +225,15 @@ class Ability [:issue, :note, :project_snippet, :personal_snippet, :merge_request].each do |name| define_method "#{name}_abilities" do |user, subject| - if subject.author == user - [ + if subject.author == user || user.is_admin? + rules = [ :"read_#{name}", :"write_#{name}", :"modify_#{name}", :"admin_#{name}" ] + rules.push(:change_visibility_level) if subject.is_a?(Snippet) + rules elsif subject.respond_to?(:assignee) && subject.assignee == user [ :"read_#{name}", |