Commit bdd7600d authored by Douwe Maan's avatar Douwe Maan Committed by Bob Van Landuyt

Add ability checks in views where they were previously missing

parent 8272ec9a
...@@ -317,10 +317,10 @@ Please check your network connection and try again.`; ...@@ -317,10 +317,10 @@ Please check your network connection and try again.`;
<note-signed-out-widget v-if="!isLoggedIn" /> <note-signed-out-widget v-if="!isLoggedIn" />
<discussion-locked-widget <discussion-locked-widget
issuable-type="issue" issuable-type="issue"
v-else-if="!canCreateNote" v-else-if="isLocked(getNoteableData) && !canCreateNote"
/> />
<ul <ul
v-else v-else-if="canCreateNote"
class="notes notes-form timeline"> class="notes notes-form timeline">
<li class="timeline-entry"> <li class="timeline-entry">
<div class="timeline-entry-inner"> <div class="timeline-entry-inner">
......
...@@ -7,5 +7,6 @@ ...@@ -7,5 +7,6 @@
- link_to_help_page = link_to(_('Learn more about Kubernetes'), help_page_path('user/project/clusters/index'), target: '_blank', rel: 'noopener noreferrer') - link_to_help_page = link_to(_('Learn more about Kubernetes'), help_page_path('user/project/clusters/index'), target: '_blank', rel: 'noopener noreferrer')
%p= s_('ClusterIntegration|Kubernetes clusters allow you to use review apps, deploy your applications, run your pipelines, and much more in an easy way. %{link_to_help_page}').html_safe % { link_to_help_page: link_to_help_page} %p= s_('ClusterIntegration|Kubernetes clusters allow you to use review apps, deploy your applications, run your pipelines, and much more in an easy way. %{link_to_help_page}').html_safe % { link_to_help_page: link_to_help_page}
- if can?(current_user, :create_cluster, @project)
.text-center .text-center
= link_to s_('ClusterIntegration|Add Kubernetes cluster'), new_project_cluster_path(@project), class: 'btn btn-success' = link_to s_('ClusterIntegration|Add Kubernetes cluster'), new_project_cluster_path(@project), class: 'btn btn-success'
...@@ -35,9 +35,10 @@ ...@@ -35,9 +35,10 @@
- unless @commit.has_been_reverted?(current_user) - unless @commit.has_been_reverted?(current_user)
%li.clearfix %li.clearfix
= revert_commit_link(@commit, project_commit_path(@project, @commit.id), has_tooltip: false) = revert_commit_link(@commit, project_commit_path(@project, @commit.id), has_tooltip: false)
- if can_collaborate_with_project?
%li.clearfix %li.clearfix
= cherry_pick_commit_link(@commit, project_commit_path(@project, @commit.id), has_tooltip: false) = cherry_pick_commit_link(@commit, project_commit_path(@project, @commit.id), has_tooltip: false)
- if can_collaborate_with_project? - if can?(current_user, :push_code, @project)
%li.clearfix %li.clearfix
= link_to s_("CreateTag|Tag"), new_project_tag_path(@project, ref: @commit) = link_to s_("CreateTag|Tag"), new_project_tag_path(@project, ref: @commit)
%li.divider %li.divider
......
...@@ -2,7 +2,8 @@ ...@@ -2,7 +2,8 @@
= icon('rss') = icon('rss')
- if @can_bulk_update - if @can_bulk_update
= button_tag "Edit issues", class: "btn btn-default append-right-10 js-bulk-update-toggle" = button_tag "Edit issues", class: "btn btn-default append-right-10 js-bulk-update-toggle"
= link_to "New issue", new_project_issue_path(@project, - if !current_user || can?(current_user, :create_issue, @project)
= link_to "New issue", new_project_issue_path(@project,
issue: { assignee_id: finder.assignee.try(:id), issue: { assignee_id: finder.assignee.try(:id),
milestone_id: finder.milestones.first.try(:id) }), milestone_id: finder.milestones.first.try(:id) }),
class: "btn btn-new", class: "btn btn-new",
......
...@@ -28,7 +28,7 @@ ...@@ -28,7 +28,7 @@
= icon('history') = icon('history')
.btn-container.controls-item .btn-container.controls-item
= render 'projects/buttons/download', project: @project, ref: @tag.name = render 'projects/buttons/download', project: @project, ref: @tag.name
- if can?(current_user, :admin_project, @project) - if can?(current_user, :push_code, @project) && can?(current_user, :admin_project, @project)
.btn-container.controls-item-full .btn-container.controls-item-full
= link_to project_tag_path(@project, @tag.name), class: "btn btn-remove remove-row has-tooltip #{protected_tag?(@project, @tag) ? 'disabled' : ''}", title: s_('TagsPage|Delete tag'), method: :delete, data: { confirm: s_('TagsPage|Deleting the %{tag_name} tag cannot be undone. Are you sure?') % { tag_name: @tag.name } } do = link_to project_tag_path(@project, @tag.name), class: "btn btn-remove remove-row has-tooltip #{protected_tag?(@project, @tag) ? 'disabled' : ''}", title: s_('TagsPage|Delete tag'), method: :delete, data: { confirm: s_('TagsPage|Deleting the %{tag_name} tag cannot be undone. Are you sure?') % { tag_name: @tag.name } } do
%i.fa.fa-trash-o %i.fa.fa-trash-o
......
...@@ -61,6 +61,7 @@ ...@@ -61,6 +61,7 @@
= link_to fork_path, method: :post do = link_to fork_path, method: :post do
#{ _('New directory') } #{ _('New directory') }
- if can?(current_user, :push_code, @project)
%li.divider %li.divider
%li.dropdown-header %li.dropdown-header
#{ _('This repository') } #{ _('This repository') }
......
...@@ -47,6 +47,7 @@ ...@@ -47,6 +47,7 @@
class: 'text-danger' class: 'text-danger'
.pull-right.hidden-xs.hidden-sm .pull-right.hidden-xs.hidden-sm
- if can?(current_user, :admin_label, label)
- if label.is_a?(ProjectLabel) && label.project.group && can?(current_user, :admin_label, label.project.group) - if label.is_a?(ProjectLabel) && label.project.group && can?(current_user, :admin_label, label.project.group)
%button.js-promote-project-label-button.btn.btn-transparent.btn-action.has-tooltip{ title: _('Promote to Group Label'), %button.js-promote-project-label-button.btn.btn-transparent.btn-action.has-tooltip{ title: _('Promote to Group Label'),
disabled: true, disabled: true,
...@@ -60,7 +61,6 @@ ...@@ -60,7 +61,6 @@
container: 'body', container: 'body',
toggle: 'modal' } } toggle: 'modal' } }
= sprite_icon('level-up') = sprite_icon('level-up')
- if can?(current_user, :admin_label, label)
= link_to edit_label_path(label), title: "Edit", class: 'btn btn-transparent btn-action', data: {toggle: "tooltip"} do = link_to edit_label_path(label), title: "Edit", class: 'btn btn-transparent btn-action', data: {toggle: "tooltip"} do
%span.sr-only Edit %span.sr-only Edit
= sprite_icon('pencil') = sprite_icon('pencil')
......
...@@ -7,6 +7,8 @@ describe 'projects/commit/_commit_box.html.haml' do ...@@ -7,6 +7,8 @@ describe 'projects/commit/_commit_box.html.haml' do
before do before do
assign(:project, project) assign(:project, project)
assign(:commit, project.commit) assign(:commit, project.commit)
assign(:current_user, user)
allow(view).to receive(:current_user).and_return(user)
allow(view).to receive(:can_collaborate_with_project?).and_return(false) allow(view).to receive(:can_collaborate_with_project?).and_return(false)
end end
...@@ -47,7 +49,8 @@ describe 'projects/commit/_commit_box.html.haml' do ...@@ -47,7 +49,8 @@ describe 'projects/commit/_commit_box.html.haml' do
context 'viewing a commit' do context 'viewing a commit' do
context 'as a developer' do context 'as a developer' do
before do before do
expect(view).to receive(:can_collaborate_with_project?).and_return(true) project.add_developer(user)
allow(view).to receive(:can_collaborate_with_project?).and_return(true)
end end
it 'has a link to create a new tag' do it 'has a link to create a new tag' do
...@@ -58,10 +61,6 @@ describe 'projects/commit/_commit_box.html.haml' do ...@@ -58,10 +61,6 @@ describe 'projects/commit/_commit_box.html.haml' do
end end
context 'as a non-developer' do context 'as a non-developer' do
before do
expect(view).to receive(:can_collaborate_with_project?).and_return(false)
end
it 'does not have a link to create a new tag' do it 'does not have a link to create a new tag' do
render render
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment