Commit graph

8 commits

Author SHA1 Message Date
Heinrich Lee Yu
35b8f103a8
Prevent comments by email when issue is locked
This changes the permission check so it uses the policy on Noteable
instead of Project. This prevents bypassing of rules defined in
Noteable for locked discussions and confidential issues.

Also rechecks permissions when reply_to_discussion_id is provided since the
discussion_id may be from a different noteable.
2019-01-31 16:52:48 +01:00
Rémy Coutable
4c7b7a842a
Make ProjectSnippetPolicy EE-ready
Signed-off-by: Rémy Coutable <remy@rymai.me>
2019-01-07 18:45:54 +01:00
gfyoung
d5bf57a6af Enable frozen string in presenters and policies
Enable frozen string in:

* app/presenters
* app/policies

Partially addresses #47424.
2018-07-24 13:18:25 -07:00
http://jneen.net/
37c401433b convert all the policies to DeclarativePolicy 2017-06-27 12:44:37 -07:00
DJ Mountney
ae6adf165c Merge branch '25934-project-snippet-vis' into 'security-9-2'
Fix visibility when referencing snippets

See merge request !2101
2017-06-08 09:56:39 -07:00
Douwe Maan
ad309f5d11 Merge branch 'snippets-finder-visibility' into 'security'
Refactor snippets finder & dont return internal snippets for external users

See merge request !2094
2017-05-10 16:48:18 +02:00
Timothy Andrew
2e0e2b22d6
Backport changes from gitlab-org/gitlab-ee!998
Some changes in EE for the auditor user feature need
to be backported to CE to avoid merge conflicts. This
commit encapsulates all these backports.
2017-02-06 01:17:33 +05:30
http://jneen.net/
d87c1d550f port notes and project snippets 2016-08-30 11:39:22 -07:00