Douwe Maan
206953a430
Prefer leading style for Style/DotPosition
2017-02-23 09:32:22 -06:00
Douwe Maan
46dff6910d
More backport
2017-02-06 17:19:37 -06:00
Grzegorz Bizon
5e3f8db707
Fix build access policies when pipelines are public
2017-01-23 14:49:13 +01:00
Rémy Coutable
061bb6eb6e
More improvements to presenters
...
Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-01-18 16:38:35 +01:00
Rémy Coutable
fd72c0f4c7
Handle presenters in BasePolicy
...
Signed-off-by: Rémy Coutable <remy@rymai.me>
2017-01-18 16:38:34 +01:00
Dmitriy Zaporozhets
7b4b3d5f26
Include group parents into read access for project and group
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2016-12-26 10:57:11 +02:00
Dmitriy Zaporozhets
b6a1c0bf9b
Add missing group policy spec
...
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2016-12-15 21:30:35 +02:00
Z.J. van de Weg
1096040024
Update effected tests
2016-12-04 17:32:33 +01:00
Z.J. van de Weg
617f43c74b
Guests can read builds if those are public
...
Fixes #18448
2016-12-04 15:48:50 +01:00
Douglas Barbosa Alexandre
42c332689d
Improve ProjectPolicy spec to check permissions when wiki is disabled
2016-11-30 16:02:25 -02:00
Yorick Peterse
3c957c0066
Added tests for IssuePolicy
2016-11-07 12:49:24 +01:00
Kamil Trzcinski
517dd4a3f3
Allow owners to fetch source code in CI builds
...
Due to different way of handling owners of a project, they were not allowed to fetch CI sources for project.
2016-11-01 09:37:20 +01:00
Sean McGivern
af6cf695c4
Add specs for a user from a group link
2016-10-28 15:11:32 +01:00
Sean McGivern
db9979bcad
Fix project member access for group links
...
`ProjectTeam#find_member` doesn't take group links into account. It was
used in two places:
1. An admin view - it can stay here.
2. `ProjectTeam#member?`, which is often used to decide if a user has
access to view something.
This second part broke confidential issues viewing. `IssuesFinder` ends
up delegating to `Project#authorized_for_user?`, which does consider
group links, so users with access to the project via a group link could
see confidential issues on the index page. However, `IssuesPolicy` used
`ProjectTeam#member?`, so the same user couldn't view the issue when
going to it directly.
2016-10-28 09:20:55 +01:00
Valery Sizov
b4004488f7
Make guests unable to view MRs
2016-10-11 16:51:26 +03:00
Alejandro Rodríguez
1d35c5b3ae
Improve project policy spec
2016-10-06 18:54:28 -03:00
Felipe Artur
98559adf71
Test if issue authors can access private projects
2016-09-20 14:57:23 -03:00
http://jneen.net/
29b1623a36
add project_policy_spec to replace .project_abilities spec
2016-08-30 11:35:06 -07:00