Instead of exposing the VisibilityLevel as Integer, expose it as
String `visibility` for Project and ProjectSnippet.
Filter queries also accept the `visibility` as String instead of
`visibility_level` as Integer.
Also remove the `public` boolean.
Apply the same spam checks to public snippets (either personal snippets
that are public, or public snippets on public projects) as to issues on
public projects.
write_ was renamed to create_
modify_ was renamed to update_
So now in update action we have next code
def create
can?(current_user, :create_issue, @issue)
end
def update
can?(current_user, :update_issue, @issue)
end
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Add new service classes to create and update project and personal
snippets. These classes are responsible for enforcing restricted
visibility settings for non-admin users.
* users (#6878, #3526, #4209): Validation error messages are now exposed through 400 responses, 409 response are sent in case of duplicate email or username
* MRs (#5335): 409 responses are sent in case of duplicate merge request (source/target branches), 422 responses are sent when submiting MR fo/from unrelated forks
* issues
* labels
* projects
Douwe Maan