Skip to content

G
gitlab-ce
Commit 94996963 authored by Rémy Coutable's avatar Rémy Coutable
Browse files
Options

Inverse condition in Members::ApproveAccessRequestService 

Signed-off-by: default avatarRémy Coutable <remy@rymai.me>
parent 5dcdf1d5
Show whitespace changes
Inline Side-by-side
Showing with 3 additions and 3 deletions
app/services/members/approve_access_request_service.rb
View file @ 94996963
...@@ -14,7 +14,7 @@ module Members ...@@ -14,7 +14,7 @@ module Members
condition = params[:user_id] ? { user_id: params[:user_id] } : { id: params[:id] } condition = params[:user_id] ? { user_id: params[:user_id] } : { id: params[:id] }
access_requester = source.requesters.find_by!(condition) access_requester = source.requesters.find_by!(condition)
raise Gitlab::Access::AccessDeniedError if cannot_update_access_requester?(access_requester) raise Gitlab::Access::AccessDeniedError unless can_update_access_requester?(access_requester)
access_requester.access_level = params[:access_level] if params[:access_level] access_requester.access_level = params[:access_level] if params[:access_level]
access_requester.accept_request access_requester.accept_request
...@@ -24,8 +24,8 @@ module Members ...@@ -24,8 +24,8 @@ module Members
private private
def cannot_update_access_requester?(access_requester) def can_update_access_requester?(access_requester)
!access_requester || !can?(current_user, action_member_permission(:update, access_requester), access_requester) access_requester && can?(current_user, action_member_permission(:update, access_requester), access_requester)
end end
end end
end end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7