Block internal groups/projects visibility to external users
This commit is contained in:
parent
44c127447b
commit
a18ac62756
5 changed files with 11 additions and 8 deletions
|
@ -11,7 +11,7 @@ class ContributedProjectsFinder
|
||||||
#
|
#
|
||||||
# Returns an ActiveRecord::Relation.
|
# Returns an ActiveRecord::Relation.
|
||||||
def execute(current_user = nil)
|
def execute(current_user = nil)
|
||||||
if current_user
|
if current_user && !current_user.external?
|
||||||
relation = projects_visible_to_user(current_user)
|
relation = projects_visible_to_user(current_user)
|
||||||
else
|
else
|
||||||
relation = public_projects
|
relation = public_projects
|
||||||
|
|
|
@ -12,7 +12,7 @@ class JoinedGroupsFinder
|
||||||
#
|
#
|
||||||
# Returns an ActiveRecord::Relation.
|
# Returns an ActiveRecord::Relation.
|
||||||
def execute(current_user = nil)
|
def execute(current_user = nil)
|
||||||
if current_user
|
if current_user && !current_user.external?
|
||||||
relation = groups_visible_to_user(current_user)
|
relation = groups_visible_to_user(current_user)
|
||||||
else
|
else
|
||||||
relation = public_groups
|
relation = public_groups
|
||||||
|
|
|
@ -11,7 +11,7 @@ class PersonalProjectsFinder
|
||||||
#
|
#
|
||||||
# Returns an ActiveRecord::Relation.
|
# Returns an ActiveRecord::Relation.
|
||||||
def execute(current_user = nil)
|
def execute(current_user = nil)
|
||||||
if current_user
|
if current_user && !current_user.external?
|
||||||
relation = projects_visible_to_user(current_user)
|
relation = projects_visible_to_user(current_user)
|
||||||
else
|
else
|
||||||
relation = public_projects
|
relation = public_projects
|
||||||
|
|
|
@ -295,8 +295,11 @@ class Ability
|
||||||
end
|
end
|
||||||
|
|
||||||
def can_read_group?(user, group)
|
def can_read_group?(user, group)
|
||||||
user.admin? || group.public? || group.internal? || group.users.include?(user) ||
|
if user.external?
|
||||||
ProjectsFinder.new.execute(user, group: group).any?
|
group.public? || ProjectsFinder.new.execute(user, group: group).any?
|
||||||
|
else
|
||||||
|
user.admin? || group.public? || group.internal? || group.users.include?(user) || ProjectsFinder.new.execute(user, group: group).any?
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def namespace_abilities(user, namespace)
|
def namespace_abilities(user, namespace)
|
||||||
|
|
|
@ -777,9 +777,9 @@ ActiveRecord::Schema.define(version: 20160314143402) do
|
||||||
t.string "type"
|
t.string "type"
|
||||||
t.string "title"
|
t.string "title"
|
||||||
t.integer "project_id"
|
t.integer "project_id"
|
||||||
t.datetime "created_at"
|
t.datetime "created_at", null: false
|
||||||
t.datetime "updated_at"
|
t.datetime "updated_at", null: false
|
||||||
t.boolean "active", default: false, null: false
|
t.boolean "active", null: false
|
||||||
t.text "properties"
|
t.text "properties"
|
||||||
t.boolean "template", default: false
|
t.boolean "template", default: false
|
||||||
t.boolean "push_events", default: true
|
t.boolean "push_events", default: true
|
||||||
|
|
Loading…
Reference in a new issue