Remove group members check
parent
ce96d482d9
commit
09c8cf9de6
5 changed files with 14 additions and 24 deletions
|
@ -1,7 +1,6 @@
|
||||||
class Groups::GroupMembersController < Groups::ApplicationController
|
class Groups::GroupMembersController < Groups::ApplicationController
|
||||||
# Authorize
|
# Authorize
|
||||||
before_action :authorize_admin_group_member!, except: [:index, :leave]
|
before_action :authorize_admin_group_member!, except: [:index, :leave]
|
||||||
before_action :authorize_read_group_members!, only: [:index]
|
|
||||||
|
|
||||||
def index
|
def index
|
||||||
@project = @group.projects.find(params[:project_id]) if params[:project_id]
|
@project = @group.projects.find(params[:project_id]) if params[:project_id]
|
||||||
|
@ -80,10 +79,4 @@ class Groups::GroupMembersController < Groups::ApplicationController
|
||||||
def member_params
|
def member_params
|
||||||
params.require(:group_member).permit(:access_level, :user_id)
|
params.require(:group_member).permit(:access_level, :user_id)
|
||||||
end
|
end
|
||||||
|
|
||||||
private
|
|
||||||
|
|
||||||
def authorize_read_group_members!
|
|
||||||
render_404 unless can?(current_user, :read_group_members, @group)
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -57,6 +57,7 @@ class Ability
|
||||||
:read_label,
|
:read_label,
|
||||||
:read_milestone,
|
:read_milestone,
|
||||||
:read_project_snippet,
|
:read_project_snippet,
|
||||||
|
:read_project_member,
|
||||||
:read_merge_request,
|
:read_merge_request,
|
||||||
:read_note,
|
:read_note,
|
||||||
:read_commit_status,
|
:read_commit_status,
|
||||||
|
@ -91,10 +92,7 @@ class Ability
|
||||||
subject.group
|
subject.group
|
||||||
end
|
end
|
||||||
|
|
||||||
if group.public?
|
rules << :read_group if group.public?
|
||||||
rules << :read_group
|
|
||||||
rules << :read_group_members unless restricted_public_level?
|
|
||||||
end
|
|
||||||
|
|
||||||
rules
|
rules
|
||||||
end
|
end
|
||||||
|
@ -293,7 +291,7 @@ class Ability
|
||||||
|
|
||||||
def group_abilities(user, group)
|
def group_abilities(user, group)
|
||||||
rules = []
|
rules = []
|
||||||
rules << [:read_group, :read_group_members] if can_read_group?(user, group)
|
rules << :read_group if can_read_group?(user, group)
|
||||||
|
|
||||||
# Only group masters and group owners can create new projects
|
# Only group masters and group owners can create new projects
|
||||||
if group.has_master?(user) || group.has_owner?(user) || user.admin?
|
if group.has_master?(user) || group.has_owner?(user) || user.admin?
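Review bot: With `:read_group_members` gone, the hunk at -91 leaves `rules << :read_group if group.public?` as the only condition, so `restricted_public_level?` no longer affects who can list a public group's members. Together with the removed `authorize_read_group_members!` filter in the controller, the members index is now gated only by whatever group-level check `Groups::ApplicationController` applies, which is not visible on this page. Please confirm that showing the member list to every reader of the group is intended on instances that restrict the public level. I would record the decision next to the rule, e.g. `# Member lists follow :read_group; there is no separate :read_group_members ability.` The enclosing method starts above the hunk, and if `restricted_public_level?` has no other callers it can be removed as well.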
|
||||||
|
|
|
@ -36,14 +36,11 @@
|
||||||
Merge Requests
|
Merge Requests
|
||||||
- merge_requests = MergeRequestsFinder.new(current_user, group_id: @group.id, state: 'opened').execute
|
- merge_requests = MergeRequestsFinder.new(current_user, group_id: @group.id, state: 'opened').execute
|
||||||
%span.count= number_with_delimiter(merge_requests.count)
|
%span.count= number_with_delimiter(merge_requests.count)
|
||||||
|
= nav_link(controller: [:group_members]) do
|
||||||
- if can?(current_user, :read_group_members, @group)
|
= link_to group_group_members_path(@group), title: 'Members' do
|
||||||
= nav_link(controller: [:group_members]) do
|
= icon('users fw')
|
||||||
= link_to group_group_members_path(@group), title: 'Members' do
|
%span
|
||||||
= icon('users fw')
|
Members
|
||||||
%span
|
|
||||||
Members
|
|
||||||
|
|
||||||
- if can?(current_user, :admin_group, @group)
|
- if can?(current_user, :admin_group, @group)
|
||||||
= nav_link(html_options: { class: "separate-item" }) do
|
= nav_link(html_options: { class: "separate-item" }) do
|
||||||
= link_to edit_group_path(@group), title: 'Settings' do
|
= link_to edit_group_path(@group), title: 'Settings' do
|
||||||
|
|
|
@ -77,7 +77,7 @@
|
||||||
Merge Requests
|
Merge Requests
|
||||||
%span.count.merge_counter= number_with_delimiter(@project.merge_requests.opened.count)
|
%span.count.merge_counter= number_with_delimiter(@project.merge_requests.opened.count)
|
||||||
|
|
||||||
- if project_nav_tab?(:settings)
|
- if project_nav_tab? :settings
|
||||||
= nav_link(controller: [:project_members, :teams]) do
|
= nav_link(controller: [:project_members, :teams]) do
|
||||||
= link_to namespace_project_project_members_path(@project.namespace, @project), title: 'Members', class: 'team-tab tab' do
|
= link_to namespace_project_project_members_path(@project.namespace, @project), title: 'Members', class: 'team-tab tab' do
|
||||||
= icon('users fw')
|
= icon('users fw')
|
||||||
|
|
|
@ -4,15 +4,17 @@ describe Groups::GroupMembersController do
|
||||||
let(:user) { create(:user) }
|
let(:user) { create(:user) }
|
||||||
let(:group) { create(:group) }
|
let(:group) { create(:group) }
|
||||||
|
|
||||||
context "when public visibility level is restricted" do
|
context "index" do
|
||||||
before do
|
before do
|
||||||
group.add_owner(user)
|
group.add_owner(user)
|
||||||
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
|
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'does not show group members' do
|
it 'renders index with group members' do
|
||||||
get :index, group_id: group.path
|
get :index, group_id: group.path
|
||||||
expect(response.status).to eq(404)
|
|
||||||
|
expect(response.status).to eq(200)
|
||||||
|
expect(response).to render_template(:index)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
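Review bot: The only example left in this hunk is the positive case for an owner, so nothing pins down who is still refused now that the dedicated members check is gone. Add an example that requests `index` for a group the requester cannot read (a non-member on a non-public group, or a signed-out request) and expects the denial response, so a later change to the inherited group filter cannot silently open the list. The `stub_application_setting(restricted_visibility_levels: ...)` line now sits under a context named just `"index"`, where it looks like leftover setup. Either name the context after that setting or add a short comment such as `# restricted public level must not hide members from group users`.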
|
||||||
|
|