Create cross project group features
This allows us to check specific abilities in views, while still enabling/disabling them at once.
This commit is contained in:
parent
83f79ced3f
commit
a57ec31e45
4 changed files with 28 additions and 5 deletions
|
@ -128,8 +128,10 @@ module GroupsHelper
|
|||
def get_group_sidebar_links
|
||||
links = [:overview, :group_members]
|
||||
|
||||
if can?(current_user, :read_cross_project)
|
||||
links += [:activity, :issues, :boards, :labels, :milestones, :merge_requests]
|
||||
resources = [:activity, :issues, :boards, :labels, :milestones,
|
||||
:merge_requests]
|
||||
links += resources.select do |resource|
|
||||
can?(current_user, "read_group_#{resource}".to_sym, @group)
|
||||
end
|
||||
|
||||
if can?(current_user, :admin_group, @group)
|
||||
|
|
|
@ -72,6 +72,19 @@ class GroupPolicy < BasePolicy
|
|||
enable :change_visibility_level
|
||||
end
|
||||
|
||||
rule { can?(:read_nested_project_resources) }.policy do
|
||||
enable :read_group_activity
|
||||
enable :read_group_issues
|
||||
enable :read_group_boards
|
||||
enable :read_group_labels
|
||||
enable :read_group_milestones
|
||||
enable :read_group_merge_requests
|
||||
end
|
||||
|
||||
rule { can?(:read_cross_project) & can?(:read_group) }.policy do
|
||||
enable :read_nested_project_resources
|
||||
end
|
||||
|
||||
rule { owner & nested_groups_supported }.enable :create_subgroup
|
||||
|
||||
rule { public_group | logged_in_viewable }.enable :view_globally
|
||||
|
|
|
@ -206,8 +206,9 @@ describe GroupsHelper do
|
|||
let(:group) { create(:group, :public) }
|
||||
let(:user) { create(:user) }
|
||||
before do
|
||||
group.add_owner(user)
|
||||
allow(helper).to receive(:current_user) { user }
|
||||
allow(helper).to receive(:can?) { true }
|
||||
allow(helper).to receive(:can?) { |*args| Ability.allowed?(*args) }
|
||||
helper.instance_variable_set(:@group, group)
|
||||
end
|
||||
|
||||
|
@ -231,7 +232,10 @@ describe GroupsHelper do
|
|||
cross_project_features = [:activity, :issues, :labels, :milestones,
|
||||
:merge_requests]
|
||||
|
||||
expect(helper).to receive(:can?).with(user, :read_cross_project) { false }
|
||||
allow(Ability).to receive(:allowed?).and_call_original
|
||||
cross_project_features.each do |feature|
|
||||
expect(Ability).to receive(:allowed?).with(user, "read_group_#{feature}".to_sym, group) { false }
|
||||
end
|
||||
|
||||
expect(helper.group_sidebar_links).not_to include(*cross_project_features)
|
||||
end
|
||||
|
|
|
@ -9,7 +9,11 @@ describe GroupPolicy do
|
|||
let(:admin) { create(:admin) }
|
||||
let(:group) { create(:group, :private) }
|
||||
|
||||
let(:guest_permissions) { [:read_label, :read_group, :upload_file, :read_namespace] }
|
||||
let(:guest_permissions) do
|
||||
[:read_label, :read_group, :upload_file, :read_namespace, :read_group_activity,
|
||||
:read_group_issues, :read_group_boards, :read_group_labels, :read_group_milestones,
|
||||
:read_group_merge_requests]
|
||||
end
|
||||
|
||||
let(:reporter_permissions) { [:admin_label] }
|
||||
|
||||
|
|
Loading…
Reference in a new issue