kotovalexarian-likes-gitlab
/
gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity
gitlab-org--gitlab-foss/app/policies
History
Bob Van Landuyt d801dd1774 Allows `access_(git|api)` to anonymous users 
The `access_git` and `access_api` were currently never checked for
anonymous users. And they would also be allowed access:

  An anonymous user can clone and pull from a public repo

  An anonymous user can request public information from the API

So the policy didn't actually reflect what we were enforcing.
 		2018-05-10 17:02:27 +02:00
..
application_setting Enforces terms in the web application 2018-05-04 13:54:43 +02:00
ci Update policies to make archived projects completely read-only 2018-04-10 15:46:20 +02:00
clusters This works 2017-10-23 11:36:35 +03:00
project_policy Move `ProjectPolicy`-class methods into module 2018-04-10 19:43:01 +02:00
base_policy.rb Port `read_cross_project` ability from EE 2018-02-22 17:11:36 +01:00
commit_status_policy.rb convert all the policies to DeclarativePolicy 2017-06-27 12:44:37 -07:00
deploy_key_policy.rb convert all the policies to DeclarativePolicy 2017-06-27 12:44:37 -07:00
deploy_token_policy.rb Addreses backend review suggestions 2018-04-06 21:20:16 -05:00
deployment_policy.rb convert all the policies to DeclarativePolicy 2017-06-27 12:44:37 -07:00
environment_policy.rb convert all the policies to DeclarativePolicy 2017-06-27 12:44:37 -07:00
external_issue_policy.rb convert all the policies to DeclarativePolicy 2017-06-27 12:44:37 -07:00
global_policy.rb Allows `access_(git|api)` to anonymous users 2018-05-10 17:02:27 +02:00
group_label_policy.rb convert all the policies to DeclarativePolicy 2017-06-27 12:44:37 -07:00
group_member_policy.rb convert all the policies to DeclarativePolicy 2017-06-27 12:44:37 -07:00
group_policy.rb Fix users not seeing labels from private groups when being a member of a child project 2018-04-23 13:56:38 -03:00
issuable_policy.rb Remove edit_note and update_note abilities in favor of admin_note 2018-04-10 15:46:20 +02:00
issue_policy.rb Fix N+1 in MergeRequestParser 2018-04-05 13:59:05 +01:00
merge_request_policy.rb Fix N+1 in MergeRequestParser 2018-04-05 13:59:05 +01:00
namespace_policy.rb Introduce :read_namespace access policy for namespace and group 2017-11-23 17:44:05 +01:00
nil_policy.rb convert all the policies to DeclarativePolicy 2017-06-27 12:44:37 -07:00
note_policy.rb Prevent awarding emoji when a project is archived 2018-04-11 10:51:43 +02:00
personal_snippet_policy.rb Prevent awarding emoji when a project is archived 2018-04-11 10:51:43 +02:00
project_label_policy.rb convert all the policies to DeclarativePolicy 2017-06-27 12:44:37 -07:00
project_member_policy.rb convert all the policies to DeclarativePolicy 2017-06-27 12:44:37 -07:00
project_policy.rb Adds remote mirror table migration 2018-05-07 12:00:13 +02:00
project_snippet_policy.rb convert all the policies to DeclarativePolicy 2017-06-27 12:44:37 -07:00
protected_branch_policy.rb Revert exploratory branch restriction policy 2018-03-26 10:29:53 +01:00
user_policy.rb Make the user dropdown reusable 2018-05-04 13:52:55 +02:00