gitlab-org--gitlab-foss

History

Krasimir Angelov 241ba4be79 Allow guests users to access project releases This is step one of resolving https://gitlab.com/gitlab-org/gitlab-ce/issues/56838. Here is what changed: - Revert the security fix from `bdee9e8412`. - Do not leak repository information (tag name, commit) to guests in API responses. - Do not include links to source code in API responses for users that do not have download_code access. - Show Releases in sidebar for guests. - Do not display links to source code under Assets for users that do not have download_code access. GET ':id/releases/:tag_name' still do not allow guests to access releases. This is to prevent guessing tag existence.		2019-05-03 13:29:20 +00:00
..
application_setting	…
ci	Add new permission model `read-pipeline-variable`	2019-04-09 14:53:44 +00:00
clusters	Add policy for clusters on group level	2018-11-08 23:14:06 +13:00
concerns	…
base_policy_spec.rb	Move Contribution Analytics related spec in spec/features/groups/group_page_with_external_authorization_service_spec to EE	2019-04-09 15:38:58 +00:00
board_policy_spec.rb	Factorize policy helpers into PolicyHelpers	2019-03-27 15:41:46 +01:00
commit_policy_spec.rb	Add frozen_string_literal to new files	2019-03-04 23:19:19 -08:00
deploy_key_policy_spec.rb	…
deploy_token_policy_spec.rb	…
environment_policy_spec.rb	…
global_policy_spec.rb	Add metadata about the GitLab server to GraphQL	2019-03-05 15:00:32 +00:00
group_member_policy_spec.rb	Add cr remarks	2019-04-04 14:19:57 +00:00
group_policy_spec.rb	Add part of needed code	2019-04-05 18:49:46 +00:00
identity_provider_policy_spec.rb	Move out link\unlink ability checks to a policy	2019-03-19 15:38:16 +03:00
issuable_policy_spec.rb	Disallow reopening of locked merge requests	2019-03-08 08:34:20 +00:00
issue_policy_spec.rb	Move Contribution Analytics related spec in spec/features/groups/group_page_with_external_authorization_service_spec to EE	2019-04-09 15:38:58 +00:00
merge_request_policy_spec.rb	Move Contribution Analytics related spec in spec/features/groups/group_page_with_external_authorization_service_spec to EE	2019-04-09 15:38:58 +00:00
namespace_policy_spec.rb	[CE] Reduce the diff with EE in spec/policies/namespace_policy_spec.rb	2019-03-27 15:41:45 +01:00
note_policy_spec.rb	Forbid creating discussions for users with restricted access	2019-03-04 18:37:08 +00:00
personal_snippet_policy_spec.rb	Remove the `comment_personal_snippet` permission	2019-05-02 11:13:42 +01:00
project_policy_spec.rb	Allow guests users to access project releases	2019-05-03 13:29:20 +00:00
project_snippet_policy_spec.rb	Factorize policy helpers into PolicyHelpers	2019-03-27 15:41:46 +01:00
protected_branch_policy_spec.rb	…
user_policy_spec.rb	…