Commit 878e46a1 authored by James Lopez's avatar James Lopez Committed by Douwe Maan

Fix restricted visibility project setting

parent 9927cc9b
...@@ -24,7 +24,7 @@ module ProjectsHelper ...@@ -24,7 +24,7 @@ module ProjectsHelper
return "(deleted)" unless author return "(deleted)" unless author
author_html = "" author_html = ""
# Build avatar image tag # Build avatar image tag
author_html << image_tag(avatar_icon(author, opts[:size]), width: opts[:size], class: "avatar avatar-inline #{"s#{opts[:size]}" if opts[:size]} #{opts[:avatar_class] if opts[:avatar_class]}", alt: '') if opts[:avatar] author_html << image_tag(avatar_icon(author, opts[:size]), width: opts[:size], class: "avatar avatar-inline #{"s#{opts[:size]}" if opts[:size]} #{opts[:avatar_class] if opts[:avatar_class]}", alt: '') if opts[:avatar]
...@@ -45,7 +45,7 @@ module ProjectsHelper ...@@ -45,7 +45,7 @@ module ProjectsHelper
link_to(author_html, user_path(author), class: "author_link #{"#{opts[:extra_class]}" if opts[:extra_class]} #{"#{opts[:mobile_classes]}" if opts[:mobile_classes]}").html_safe link_to(author_html, user_path(author), class: "author_link #{"#{opts[:extra_class]}" if opts[:extra_class]} #{"#{opts[:mobile_classes]}" if opts[:mobile_classes]}").html_safe
else else
title = opts[:title].sub(":name", sanitize(author.name)) title = opts[:title].sub(":name", sanitize(author.name))
link_to(author_html, user_path(author), class: "author_link has-tooltip", title: title, data: { container: 'body' } ).html_safe link_to(author_html, user_path(author), class: "author_link has-tooltip", title: title, data: { container: 'body' }).html_safe
end end
end end
...@@ -430,13 +430,22 @@ module ProjectsHelper ...@@ -430,13 +430,22 @@ module ProjectsHelper
end end
def visibility_select_options(project, selected_level) def visibility_select_options(project, selected_level)
levels_options_array = Gitlab::VisibilityLevel.values.map do |level| level_options = Gitlab::VisibilityLevel.values.each_with_object([]) do |level, level_options|
[ next if restricted_levels.include?(level)
level_options << [
visibility_level_label(level), visibility_level_label(level),
{ data: { description: visibility_level_description(level, project) } }, { data: { description: visibility_level_description(level, project) } },
level level
] ]
end end
options_for_select(levels_options_array, selected_level)
options_for_select(level_options, selected_level)
end
def restricted_levels
return [] if current_user.admin?
current_application_settings.restricted_visibility_levels || []
end end
end end
---
title: Fix restricted project visibility setting available to users
merge_request:
author:
...@@ -265,4 +265,27 @@ describe ProjectsHelper do ...@@ -265,4 +265,27 @@ describe ProjectsHelper do
end end
end end
end end
describe "#visibility_select_options" do
let(:project) { create(:project, :repository) }
let(:user) { create(:user) }
before do
allow(helper).to receive(:current_user).and_return(user)
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
end
it "does not include the Public restricted level" do
expect(helper.send(:visibility_select_options, project, Gitlab::VisibilityLevel::PRIVATE)).not_to include('Public')
end
it "includes the Internal level" do
expect(helper.send(:visibility_select_options, project, Gitlab::VisibilityLevel::PRIVATE)).to include('Internal')
end
it "includes the Private level" do
expect(helper.send(:visibility_select_options, project, Gitlab::VisibilityLevel::PRIVATE)).to include('Private')
end
end
end end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment