Use policies to handle with global/project label permissions
This commit is contained in:
parent
701544fb48
commit
32c663ff24
|
@ -54,16 +54,6 @@ module LabelsHelper
|
|||
end
|
||||
end
|
||||
|
||||
def can_admin_label(label)
|
||||
subject =
|
||||
case label
|
||||
when GroupLabel then label.group
|
||||
else label.project
|
||||
end
|
||||
|
||||
can?(current_user, :admin_label, subject)
|
||||
end
|
||||
|
||||
def edit_label_path(label)
|
||||
case label
|
||||
when GroupLabel then edit_group_label_path(label.group, label)
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
class GroupLabelPolicy < BasePolicy
|
||||
def rules
|
||||
can! :admin_label if Ability.allowed?(@user, :admin_label, @subject.group)
|
||||
end
|
||||
end
|
|
@ -0,0 +1,7 @@
|
|||
class LabelPolicy < BasePolicy
|
||||
def rules
|
||||
return unless @user
|
||||
|
||||
can! :admin_label if Ability.allowed?(@user, :admin_label, @subject.project)
|
||||
end
|
||||
end
|
|
@ -21,7 +21,7 @@
|
|||
%li.label-subscription{ data: { url: toggle_subscription_label_path(label) } }
|
||||
%a.js-subscribe-button.label-subscribe-button.subscription-status{ role: "button", href: "#", data: { toggle: "tooltip", status: label_subscription_status(label) } }
|
||||
%span= label_subscription_toggle_button_text(label)
|
||||
- if can_admin_label(label)
|
||||
- if can?(current_user, :admin_label, label)
|
||||
%li
|
||||
= link_to 'Edit', edit_label_path(label)
|
||||
%li
|
||||
|
@ -40,7 +40,7 @@
|
|||
= icon('eye', class: 'label-subscribe-button-icon')
|
||||
= icon('spinner spin', class: 'label-subscribe-button-loading')
|
||||
|
||||
- if can_admin_label(label)
|
||||
- if can?(current_user, :admin_label, label)
|
||||
= link_to edit_label_path(label), title: "Edit", class: 'btn btn-transparent btn-action', data: {toggle: "tooltip"} do
|
||||
%span.sr-only Edit
|
||||
= icon('pencil-square-o')
|
||||
|
|
Loading…
Reference in New Issue