Block internal groups/projects visibility to external users

This commit is contained in:
Felipe Artur 2016-03-16 21:23:59 -03:00
parent 44c127447b
commit a18ac62756
5 changed files with 11 additions and 8 deletions

View file

@ -11,7 +11,7 @@ class ContributedProjectsFinder
# #
# Returns an ActiveRecord::Relation. # Returns an ActiveRecord::Relation.
def execute(current_user = nil) def execute(current_user = nil)
if current_user if current_user && !current_user.external?
relation = projects_visible_to_user(current_user) relation = projects_visible_to_user(current_user)
else else
relation = public_projects relation = public_projects

View file

@ -12,7 +12,7 @@ class JoinedGroupsFinder
# #
# Returns an ActiveRecord::Relation. # Returns an ActiveRecord::Relation.
def execute(current_user = nil) def execute(current_user = nil)
if current_user if current_user && !current_user.external?
relation = groups_visible_to_user(current_user) relation = groups_visible_to_user(current_user)
else else
relation = public_groups relation = public_groups

View file

@ -11,7 +11,7 @@ class PersonalProjectsFinder
# #
# Returns an ActiveRecord::Relation. # Returns an ActiveRecord::Relation.
def execute(current_user = nil) def execute(current_user = nil)
if current_user if current_user && !current_user.external?
relation = projects_visible_to_user(current_user) relation = projects_visible_to_user(current_user)
else else
relation = public_projects relation = public_projects

View file

@ -295,8 +295,11 @@ class Ability
end end
def can_read_group?(user, group) def can_read_group?(user, group)
user.admin? || group.public? || group.internal? || group.users.include?(user) || if user.external?
ProjectsFinder.new.execute(user, group: group).any? group.public? || ProjectsFinder.new.execute(user, group: group).any?
else
user.admin? || group.public? || group.internal? || group.users.include?(user) || ProjectsFinder.new.execute(user, group: group).any?
end
end end
def namespace_abilities(user, namespace) def namespace_abilities(user, namespace)

View file

@ -777,9 +777,9 @@ ActiveRecord::Schema.define(version: 20160314143402) do
t.string "type" t.string "type"
t.string "title" t.string "title"
t.integer "project_id" t.integer "project_id"
t.datetime "created_at" t.datetime "created_at", null: false
t.datetime "updated_at" t.datetime "updated_at", null: false
t.boolean "active", default: false, null: false t.boolean "active", null: false
t.text "properties" t.text "properties"
t.boolean "template", default: false t.boolean "template", default: false
t.boolean "push_events", default: true t.boolean "push_events", default: true