summaryrefslogtreecommitdiff
path: root/app/policies/project_policy.rb
diff options
context:
space:
mode:
authorGitLab Bot <gitlab-bot@gitlab.com>2021-07-06 13:14:47 +0000
committerGitLab Bot <gitlab-bot@gitlab.com>2021-07-06 13:14:47 +0000
commit7ab0cadbbdf42fdd316941b3260e294577d649f4 (patch)
tree26ed9d750eb7706174afddb43a9e6fab210f2176 /app/policies/project_policy.rb
parent3aad3a0b6ffb1a0fe36db41f81e8bbd3728e5f80 (diff)
downloadgitlab-ce-7ab0cadbbdf42fdd316941b3260e294577d649f4.tar.gz
Add latest changes from gitlab-org/gitlab@14-0-stable-ee
Diffstat (limited to 'app/policies/project_policy.rb')
-rw-r--r--app/policies/project_policy.rb18
1 files changed, 18 insertions, 0 deletions
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index e93c60c3710..3cb4644a60d 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -69,6 +69,16 @@ class ProjectPolicy < BasePolicy
project.merge_requests_allowing_push_to_user(user).any?
end
+ desc "Deploy key with read access"
+ condition(:download_code_deploy_key) do
+ user.is_a?(DeployKey) && user.has_access_to?(project)
+ end
+
+ desc "Deploy key with write access"
+ condition(:push_code_deploy_key) do
+ user.is_a?(DeployKey) && user.can_push_to?(project)
+ end
+
desc "Deploy token with read_package_registry scope"
condition(:read_package_registry_deploy_token) do
user.is_a?(DeployToken) && user.has_access_to?(project) && user.read_package_registry
@@ -616,6 +626,14 @@ class ProjectPolicy < BasePolicy
prevent :move_design
end
+ rule { download_code_deploy_key }.policy do
+ enable :download_code
+ end
+
+ rule { push_code_deploy_key }.policy do
+ enable :push_code
+ end
+
rule { read_package_registry_deploy_token }.policy do
enable :read_package
enable :read_project
View Lorry Controller Status