moved fork checks into policies
This commit is contained in:
parent
8585ae61e7
commit
93aa6d04c2
6 changed files with 61 additions and 9 deletions
|
@ -11,6 +11,8 @@ class GlobalPolicy < BasePolicy
|
||||||
with_options scope: :user, score: 0
|
with_options scope: :user, score: 0
|
||||||
condition(:access_locked) { @user.access_locked? }
|
condition(:access_locked) { @user.access_locked? }
|
||||||
|
|
||||||
|
condition(:can_create_fork, scope: :user) { @user.manageable_namespaces.any? { |namespace| @user.can?(:create_projects, namespace) } }
|
||||||
|
|
||||||
rule { anonymous }.policy do
|
rule { anonymous }.policy do
|
||||||
prevent :log_in
|
prevent :log_in
|
||||||
prevent :access_api
|
prevent :access_api
|
||||||
|
@ -40,6 +42,10 @@ class GlobalPolicy < BasePolicy
|
||||||
enable :create_group
|
enable :create_group
|
||||||
end
|
end
|
||||||
|
|
||||||
|
rule { can_create_fork }.policy do
|
||||||
|
enable :create_fork
|
||||||
|
end
|
||||||
|
|
||||||
rule { access_locked }.policy do
|
rule { access_locked }.policy do
|
||||||
prevent :log_in
|
prevent :log_in
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,10 +1,14 @@
|
||||||
class NamespacePolicy < BasePolicy
|
class NamespacePolicy < BasePolicy
|
||||||
rule { anonymous }.prevent_all
|
rule { anonymous }.prevent_all
|
||||||
|
|
||||||
|
condition(:personal_project, scope: :subject) { @subject.kind == 'user' }
|
||||||
|
condition(:can_create_personal_project, scope: :user) { @user.can_create_project? }
|
||||||
condition(:owner) { @subject.owner == @user }
|
condition(:owner) { @subject.owner == @user }
|
||||||
|
|
||||||
rule { owner | admin }.policy do
|
rule { owner | admin }.policy do
|
||||||
enable :create_projects
|
enable :create_projects
|
||||||
enable :admin_namespace
|
enable :admin_namespace
|
||||||
end
|
end
|
||||||
|
|
||||||
|
rule { personal_project & ~can_create_personal_project }.prevent :create_projects
|
||||||
end
|
end
|
||||||
|
|
|
@ -5,10 +5,10 @@
|
||||||
= custom_icon('icon_fork')
|
= custom_icon('icon_fork')
|
||||||
%span= s_('GoToYourFork|Fork')
|
%span= s_('GoToYourFork|Fork')
|
||||||
- else
|
- else
|
||||||
- can_fork = current_user.can_create_project? || current_user.manageable_namespaces.count > 1
|
- can_create_fork = current_user.can?(:create_fork)
|
||||||
= link_to new_project_fork_path(@project),
|
= link_to new_project_fork_path(@project),
|
||||||
class: "btn btn-default #{'has-tooltip disabled' unless can_fork}",
|
class: "btn btn-default #{'has-tooltip disabled' unless can_create_fork}",
|
||||||
title: (_('You have reached your project limit') unless can_fork) do
|
title: (_('You have reached your project limit') unless can_create_fork) do
|
||||||
= custom_icon('icon_fork')
|
= custom_icon('icon_fork')
|
||||||
%span= s_('CreateNewFork|Fork')
|
%span= s_('CreateNewFork|Fork')
|
||||||
.count-with-arrow
|
.count-with-arrow
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
- page_title "Fork project"
|
- page_title "Fork project"
|
||||||
- can_create_project = current_user.can_create_project?
|
|
||||||
|
|
||||||
.row.prepend-top-default
|
.row.prepend-top-default
|
||||||
.col-lg-3
|
.col-lg-3
|
||||||
|
@ -14,7 +13,7 @@
|
||||||
- if @namespaces.present?
|
- if @namespaces.present?
|
||||||
%label.label-light
|
%label.label-light
|
||||||
%span
|
%span
|
||||||
#{ "Click to fork the project to a #{'user or' if can_create_project} group" }
|
Click to fork the project
|
||||||
- @namespaces.in_groups_of(6, false) do |group|
|
- @namespaces.in_groups_of(6, false) do |group|
|
||||||
.row
|
.row
|
||||||
- group.each do |namespace|
|
- group.each do |namespace|
|
||||||
|
@ -30,12 +29,12 @@
|
||||||
.caption
|
.caption
|
||||||
= namespace.human_name
|
= namespace.human_name
|
||||||
- else
|
- else
|
||||||
- is_disabled = namespace.kind === 'user' && !can_create_project
|
- can_create_project = current_user.can?(:create_projects, namespace)
|
||||||
.fork-thumbnail{ class: ("disabled" if is_disabled) }
|
.fork-thumbnail{ class: ("disabled" unless can_create_project) }
|
||||||
= link_to project_forks_path(@project, namespace_key: namespace.id),
|
= link_to project_forks_path(@project, namespace_key: namespace.id),
|
||||||
method: "POST",
|
method: "POST",
|
||||||
class: ("disabled has-tooltip" if is_disabled),
|
class: ("disabled has-tooltip" unless can_create_project),
|
||||||
title: (_('You have reached your project limit') if is_disabled) do
|
title: (_('You have reached your project limit') unless can_create_project) do
|
||||||
- if /no_((\w*)_)*avatar/.match(avatar)
|
- if /no_((\w*)_)*avatar/.match(avatar)
|
||||||
.no-avatar
|
.no-avatar
|
||||||
= icon 'question'
|
= icon 'question'
|
||||||
|
|
|
@ -52,6 +52,29 @@ describe GlobalPolicy do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe "create fork" do
|
||||||
|
context "when user has not exceeded project limit" do
|
||||||
|
it { is_expected.to be_allowed(:create_fork) }
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when user has exceeded project limit" do
|
||||||
|
let(:current_user) { create(:user, projects_limit: 0) }
|
||||||
|
|
||||||
|
it { is_expected.not_to be_allowed(:create_fork) }
|
||||||
|
end
|
||||||
|
|
||||||
|
context "when user is a master in a group" do
|
||||||
|
let(:group) { create(:group) }
|
||||||
|
let(:current_user) { create(:user, projects_limit: 0) }
|
||||||
|
|
||||||
|
before do
|
||||||
|
group.add_master(current_user)
|
||||||
|
end
|
||||||
|
|
||||||
|
it { is_expected.to be_allowed(:create_fork) }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
describe 'custom attributes' do
|
describe 'custom attributes' do
|
||||||
context 'regular user' do
|
context 'regular user' do
|
||||||
it { is_expected.not_to be_allowed(:read_custom_attribute) }
|
it { is_expected.not_to be_allowed(:read_custom_attribute) }
|
||||||
|
|
20
spec/policies/namespace_policy_spec.rb
Normal file
20
spec/policies/namespace_policy_spec.rb
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
describe NamespacePolicy do
|
||||||
|
let(:current_user) { create(:user) }
|
||||||
|
let(:namespace) { current_user.namespace }
|
||||||
|
|
||||||
|
subject { described_class.new(current_user, namespace) }
|
||||||
|
|
||||||
|
context "create projects" do
|
||||||
|
context "user namespace" do
|
||||||
|
it { is_expected.to be_allowed(:create_projects) }
|
||||||
|
end
|
||||||
|
|
||||||
|
context "user who has exceeded project limit" do
|
||||||
|
let(:current_user) { create(:user, projects_limit: 0) }
|
||||||
|
|
||||||
|
it { is_expected.not_to be_allowed(:create_projects) }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in a new issue