From b95a0690fea46a41af01bd8a09b5c00ffdfcd515 Mon Sep 17 00:00:00 2001
From: James Edwards-Jones <jedwardsjones@gitlab.com>
Date: Wed, 8 May 2019 13:08:56 +0000
Subject: [PATCH] SSO enforcement for project resources

---
 app/policies/project_policy.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index 76544249688..3218c04b219 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -488,6 +488,10 @@ class ProjectPolicy < BasePolicy
   def team_access_level
     return -1 if @user.nil?
 
+    lookup_access_level!
+  end
+
+  def lookup_access_level!
     # NOTE: max_member_access has its own cache
     project.team.max_member_access(@user.id)
   end