summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--app/helpers/projects_helper.rb19
-rw-r--r--changelogs/unreleased/fix-project-visibility-setting.yml4
-rw-r--r--spec/helpers/projects_helper_spec.rb23
3 files changed, 41 insertions, 5 deletions
diff --git a/app/helpers/projects_helper.rb b/app/helpers/projects_helper.rb
index 6b9e4267281..43669b6f356 100644
--- a/app/helpers/projects_helper.rb
+++ b/app/helpers/projects_helper.rb
@@ -24,7 +24,7 @@ module ProjectsHelper
return "(deleted)" unless author
- author_html = ""
+ author_html = ""
# Build avatar image tag
author_html << image_tag(avatar_icon(author, opts[:size]), width: opts[:size], class: "avatar avatar-inline #{"s#{opts[:size]}" if opts[:size]} #{opts[:avatar_class] if opts[:avatar_class]}", alt: '') if opts[:avatar]
@@ -45,7 +45,7 @@ module ProjectsHelper
link_to(author_html, user_path(author), class: "author_link #{"#{opts[:extra_class]}" if opts[:extra_class]} #{"#{opts[:mobile_classes]}" if opts[:mobile_classes]}").html_safe
else
title = opts[:title].sub(":name", sanitize(author.name))
- link_to(author_html, user_path(author), class: "author_link has-tooltip", title: title, data: { container: 'body' } ).html_safe
+ link_to(author_html, user_path(author), class: "author_link has-tooltip", title: title, data: { container: 'body' }).html_safe
end
end
@@ -430,13 +430,22 @@ module ProjectsHelper
end
def visibility_select_options(project, selected_level)
- levels_options_array = Gitlab::VisibilityLevel.values.map do |level|
- [
+ level_options = Gitlab::VisibilityLevel.values.each_with_object([]) do |level, level_options|
+ next if restricted_levels.include?(level)
+
+ level_options << [
visibility_level_label(level),
{ data: { description: visibility_level_description(level, project) } },
level
]
end
- options_for_select(levels_options_array, selected_level)
+
+ options_for_select(level_options, selected_level)
+ end
+
+ def restricted_levels
+ return [] if current_user.admin?
+
+ current_application_settings.restricted_visibility_levels || []
end
end
diff --git a/changelogs/unreleased/fix-project-visibility-setting.yml b/changelogs/unreleased/fix-project-visibility-setting.yml
new file mode 100644
index 00000000000..0fc219ccf52
--- /dev/null
+++ b/changelogs/unreleased/fix-project-visibility-setting.yml
@@ -0,0 +1,4 @@
+---
+title: Fix restricted project visibility setting available to users
+merge_request:
+author:
diff --git a/spec/helpers/projects_helper_spec.rb b/spec/helpers/projects_helper_spec.rb
index 40efab6e4f7..a7fc5d14859 100644
--- a/spec/helpers/projects_helper_spec.rb
+++ b/spec/helpers/projects_helper_spec.rb
@@ -265,4 +265,27 @@ describe ProjectsHelper do
end
end
end
+
+ describe "#visibility_select_options" do
+ let(:project) { create(:project, :repository) }
+ let(:user) { create(:user) }
+
+ before do
+ allow(helper).to receive(:current_user).and_return(user)
+
+ stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
+ end
+
+ it "does not include the Public restricted level" do
+ expect(helper.send(:visibility_select_options, project, Gitlab::VisibilityLevel::PRIVATE)).not_to include('Public')
+ end
+
+ it "includes the Internal level" do
+ expect(helper.send(:visibility_select_options, project, Gitlab::VisibilityLevel::PRIVATE)).to include('Internal')
+ end
+
+ it "includes the Private level" do
+ expect(helper.send(:visibility_select_options, project, Gitlab::VisibilityLevel::PRIVATE)).to include('Private')
+ end
+ end
end