kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/app/policies
History
Timothy Andrew 6fdb17cbbe
Don't allow deleting a ghost user. 
- Add a `destroy_user` ability. This didn't exist before, and was implicit in
  other abilities (only admins could access the admin area, so only they could
  destroy all users; a user can only access their own account page, and so can
  destroy only themselves).

- Grant this ability to admins, and when the current user is trying to destroy
  themselves. Disallow destroying ghost users in all cases.

- Modify the `Users::DestroyService` to check this ability. Also check it in
  views to decide whether or not to show the "Delete User" button.

- Add a short summary of the Ghost User to the bio.
2017-02-24 16:50:20 +05:30
..
ci Fix build access policies when pipelines are public 2017-01-23 14:49:13 +01:00
base_policy.rb Enable Rails/Delegate 2017-02-23 09:32:42 -06:00
commit_status_policy.rb port CommitStatus/Build 2016-08-30 11:39:22 -07:00
deployment_policy.rb add Deployment, Environment, and ExternalIssue policies 2016-08-30 11:39:22 -07:00
environment_policy.rb add Deployment, Environment, and ExternalIssue policies 2016-08-30 11:39:22 -07:00
external_issue_policy.rb add Deployment, Environment, and ExternalIssue policies 2016-08-30 11:39:22 -07:00
global_policy.rb line break after guard clause 2016-08-30 11:39:22 -07:00
group_label_policy.rb Use delegate! on group and project labels policies 2016-10-19 14:58:26 -02:00
group_member_policy.rb Backport hooks on group policies for the EE-specific implementation 2016-12-13 11:51:09 -02:00
group_policy.rb Include group parents into read access for project and group 2016-12-26 10:57:11 +02:00
issuable_policy.rb Added IssueCollection 2016-11-07 12:49:24 +01:00
issue_policy.rb Merge branch 'issue_23548_dev' into 'master' 2016-11-09 12:25:17 +01:00
merge_request_policy.rb add and use MergeRequestPolicy 2016-08-30 11:39:22 -07:00
namespace_policy.rb port runners, namespaces, group/project_members 2016-08-30 11:39:22 -07:00
note_policy.rb Enable Style/MultilineOperationIndentation in Rubocop, fixes #25741 2016-12-16 21:37:22 +03:00
personal_snippet_policy.rb API: Endpoint to expose personal snippets as /snippets 2016-12-01 19:07:49 +01:00
project_label_policy.rb Use delegate! on group and project labels policies 2016-10-19 14:58:26 -02:00
project_member_policy.rb add personal snippets and project members 2016-08-30 11:39:22 -07:00
project_policy.rb Merge branch 'ee-1439-read-only-user' into 'master' 2017-02-07 04:10:13 +00:00
project_snippet_policy.rb Backport changes from gitlab-org/gitlab-ee!998 2017-02-06 01:17:33 +05:30
user_policy.rb Don't allow deleting a ghost user. 2017-02-24 16:50:20 +05:30