Add latest changes from gitlab-org/gitlab@14-0-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2021-06-17 10:07:47 +0000
committer: GitLab Bot <gitlab-bot@gitlab.com> 2021-06-17 10:07:47 +0000
commit: d670c3006e6e44901bce0d53cc4768d1d80ffa92 (patch)
tree: 8f65743c232e5b76850c4cc264ba15e1185815ff /app/policies
parent: a5f4bba440d7f9ea47046a0a561d49adf0a1e6d4 (diff)
download: gitlab-ce-d670c3006e6e44901bce0d53cc4768d1d80ffa92.tar.gz
3 files changed, 11 insertions, 3 deletions
diff --git a/app/policies/base_policy.rb b/app/policies/base_policy.rb
index 0f7a6b852ab..77897c5807f 100644
--- a/app/policies/base_policy.rb
+++ b/app/policies/base_policy.rb
@@ -27,6 +27,10 @@ class BasePolicy < DeclarativePolicy::Base
   with_options scope: :user, score: 0
   condition(:security_bot) { @user&.security_bot? }
 
+  desc "User is automation bot"
+  with_options scope: :user, score: 0
+  condition(:automation_bot) { @user&.automation_bot? }
+
   desc "User email is unconfirmed or user account is locked"
   with_options scope: :user, score: 0
   condition(:inactive) { @user&.confirmation_required_on_sign_in? || @user&.access_locked? }
@@ -63,7 +67,7 @@ class BasePolicy < DeclarativePolicy::Base
 
   rule { default }.enable :read_cross_project
 
-  condition(:is_gitlab_com) { ::Gitlab.dev_env_or_com? }
+  condition(:is_gitlab_com, score: 0, scope: :global) { ::Gitlab.dev_env_or_com? }
 end
 
 BasePolicy.prepend_mod_with('BasePolicy')
diff --git a/app/policies/concerns/policy_actor.rb b/app/policies/concerns/policy_actor.rb
index cbc34bdeed3..8fa09683b06 100644
--- a/app/policies/concerns/policy_actor.rb
+++ b/app/policies/concerns/policy_actor.rb
@@ -53,6 +53,10 @@ module PolicyActor
     false
   end
 
+  def automation_bot?
+    false
+  end
+
   def deactivated?
     false
   end
@@ -81,7 +85,7 @@ module PolicyActor
     false
   end
 
-  def password_expired?
+  def password_expired_if_applicable?
     false
   end
 
diff --git a/app/policies/global_policy.rb b/app/policies/global_policy.rb
index 35d38bac7fa..c3b4b163cb4 100644
--- a/app/policies/global_policy.rb
+++ b/app/policies/global_policy.rb
@@ -16,7 +16,7 @@ class GlobalPolicy < BasePolicy
   end
 
   condition(:password_expired, scope: :user) do
-    @user&.password_expired?
+    @user&.password_expired_if_applicable?
   end
 
   condition(:project_bot, scope: :user) { @user&.project_bot? }
author	GitLab Bot <gitlab-bot@gitlab.com>	2021-06-17 10:07:47 +0000
committer	GitLab Bot <gitlab-bot@gitlab.com>	2021-06-17 10:07:47 +0000
commit	d670c3006e6e44901bce0d53cc4768d1d80ffa92 (patch)
tree	8f65743c232e5b76850c4cc264ba15e1185815ff /app/policies
parent	a5f4bba440d7f9ea47046a0a561d49adf0a1e6d4 (diff)
download	gitlab-ce-d670c3006e6e44901bce0d53cc4768d1d80ffa92.tar.gz