Enforce restricted visibilities for snippets

Add new service classes to create and update project and personal
snippets.  These classes are responsible for enforcing restricted
visibility settings for non-admin users.

3 files changed, 2 insertions, 20 deletions

diff --git a/app/services/projects/base_service.rb b/app/services/projects/base_service.rb
deleted file mode 100644
index 2a683e0d40a..00000000000
--- a/app/services/projects/base_service.rb
+++ /dev/null
@@ -1,18 +0,0 @@
-module Projects
-  class BaseService < ::BaseService
-    # Add an error to the project for restricted visibility levels
-    def deny_visibility_level(project, denied_visibility_level = nil)
-      denied_visibility_level ||= project.visibility_level
-
-      level_name = 'Unknown'
-      Gitlab::VisibilityLevel.options.each do |name, level|
-        level_name = name if level == denied_visibility_level
-      end
-
-      project.errors.add(
-        :visibility_level,
-        "#{level_name} visibility has been restricted by your GitLab administrator"
-      )
-    end
-  end
-end
diff --git a/app/services/projects/create_service.rb b/app/services/projects/create_service.rb
index 5f166a9a30b..7ffd0b3882a 100644
--- a/app/services/projects/create_service.rb
+++ b/app/services/projects/create_service.rb
@@ -1,5 +1,5 @@
 module Projects
-  class CreateService < Projects::BaseService
+  class CreateService < BaseService
     def initialize(user, params)
       @current_user, @params = user, params.dup
     end
diff --git a/app/services/projects/update_service.rb b/app/services/projects/update_service.rb
index 823afadc186..69bdd045ddf 100644
--- a/app/services/projects/update_service.rb
+++ b/app/services/projects/update_service.rb
@@ -1,5 +1,5 @@
 module Projects
-  class UpdateService < Projects::BaseService
+  class UpdateService < BaseService
     def execute
       # check that user is allowed to set specified visibility_level
       new_visibility = params[:visibility_level]