gitlab-org--gitlab-foss/app/policies/group_member_policy.rb

class GroupMemberPolicy < BasePolicy
  def rules
    return unless @user

    target_user = @subject.user
    group = @subject.group

    return if group.last_owner?(target_user)

    can_manage = Ability.allowed?(@user, :admin_group_member, group)

    if can_manage
      can! :update_group_member
      can! :destroy_group_member
    elsif @user == target_user
      can! :destroy_group_member
    end

    additional_rules!
  end

  def additional_rules!
    # This is meant to be overriden in EE
  end
end
port runners, namespaces, group/project_members 2016-08-18 16:52:35 +00:00			`class GroupMemberPolicy < BasePolicy`
			`def rules`
			`return unless @user`

			`target_user = @subject.user`
			`group = @subject.group`

			`return if group.last_owner?(target_user)`

			`can_manage = Ability.allowed?(@user, :admin_group_member, group)`

			`if can_manage`
			`can! :update_group_member`
			`can! :destroy_group_member`
			`elsif @user == target_user`
			`can! :destroy_group_member`
			`end`
Backport hooks on group policies for the EE-specific implementation 2016-12-13 13:51:09 +00:00
			`additional_rules!`
			`end`

			`def additional_rules!`
			`# This is meant to be overriden in EE`
port runners, namespaces, group/project_members 2016-08-18 16:52:35 +00:00			`end`
			`end`