From 07b38c3b389b8b0b6a3d6af7a38555c189e71afe Mon Sep 17 00:00:00 2001
From: Felipe Artur <felipefac@gmail.com>
Date: Tue, 5 Apr 2016 18:56:07 -0300
Subject: [PATCH] Code fixes

---
 .../projects/project_members_controller.rb    |  7 -------
 app/controllers/users_controller.rb           | 21 +++++++++----------
 app/models/ability.rb                         | 10 ++-------
 app/views/layouts/nav/_project.html.haml      |  2 +-
 spec/controllers/users_controller_spec.rb     |  2 +-
 5 files changed, 14 insertions(+), 28 deletions(-)

diff --git a/app/controllers/projects/project_members_controller.rb b/app/controllers/projects/project_members_controller.rb
index 7badbb47d0..e457db2f0b 100644
--- a/app/controllers/projects/project_members_controller.rb
+++ b/app/controllers/projects/project_members_controller.rb
@@ -1,7 +1,6 @@
 class Projects::ProjectMembersController < Projects::ApplicationController
   # Authorize
   before_action :authorize_admin_project_member!, except: :leave
-  before_action :authorize_read_project_members, only: :index
 
   def index
     @project_members = @project.project_members
@@ -113,10 +112,4 @@ class Projects::ProjectMembersController < Projects::ApplicationController
   def member_params
     params.require(:project_member).permit(:user_id, :access_level)
   end
-
-  private
-
-  def authorize_read_project_members
-    can?(current_user, :read_project_members, @project)
-  end
 end
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 233dca54b9..2ae180c8a1 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,6 +1,6 @@
 class UsersController < ApplicationController
   skip_before_action :authenticate_user!
-  before_action :set_user, except: [:show]
+  before_action :user
   before_action :authorize_read_user!, only: [:show]
 
   def show
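Review bot: `authorize_read_user!` is still limited to `only: [:show]`, while `before_action :user` now loads the requested user for every action and `skip_before_action :authenticate_user!` leaves the controller reachable without a session. The private helpers further down (`load_events`, `load_projects`, `load_groups`, `contributions_calendar`) suggest other actions also return data about that user; if so, they skip the `:read_user` check that the spec exercises for the restricted-public case. Consider dropping the `only:` so the line reads `before_action :authorize_read_user!`, or listing the extra actions explicitly. The class body continues outside this hunk, so the action list needs to be confirmed there.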
@@ -77,26 +77,25 @@ class UsersController < ApplicationController
   private
 
   def authorize_read_user!
-    set_user
-    render_404 unless can?(current_user, :read_user, @user)
+    render_404 unless can?(current_user, :read_user, user)
   end
 
-  def set_user
-    @user = User.find_by_username!(params[:username])
+  def user
+    @user ||= User.find_by_username!(params[:username])
   end
 
   def contributed_projects
-    ContributedProjectsFinder.new(@user).execute(current_user)
+    ContributedProjectsFinder.new(user).execute(current_user)
   end
 
   def contributions_calendar
     @contributions_calendar ||= Gitlab::ContributionsCalendar.
-      new(contributed_projects, @user)
+      new(contributed_projects, user)
   end
 
   def load_events
     # Get user activity feed for projects common for both users
-    @events = @user.recent_events.
+    @events = user.recent_events.
       merge(projects_for_current_user).
       references(:project).
       with_associations.
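Review bot: `user` now doubles as a `before_action` callback and as the memoized accessor used by the helpers, which is not obvious from its name and is undocumented. A comment above it would help, for example `# Memoized lookup of the requested user; find_by_username! raises ActiveRecord::RecordNotFound for an unknown username.` plus a second line such as `# Also registered as a before_action so @user is assigned before any action runs.` It is also worth stating there that the not-found case and the `render_404` in `authorize_read_user!` are meant to look alike to the client, presumably so a hidden profile is indistinguishable from a missing one. The class continues outside the hunk, so whether views still read `@user` directly is not visible here.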
@@ -105,16 +104,16 @@ class UsersController < ApplicationController
 
   def load_projects
     @projects =
-      PersonalProjectsFinder.new(@user).execute(current_user)
+      PersonalProjectsFinder.new(user).execute(current_user)
       .page(params[:page])
   end
 
   def load_contributed_projects
-    @contributed_projects = contributed_projects.joined(@user)
+    @contributed_projects = contributed_projects.joined(user)
   end
 
   def load_groups
-    @groups = JoinedGroupsFinder.new(@user).execute(current_user)
+    @groups = JoinedGroupsFinder.new(user).execute(current_user)
   end
 
   def projects_for_current_user
diff --git a/app/models/ability.rb b/app/models/ability.rb
index 684834aa39..7c452c69d1 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -1,5 +1,4 @@
 class Ability
-
   class << self
     def allowed(user, subject)
       return anonymous_abilities(user, subject) if user.nil?
@@ -58,7 +57,6 @@ class Ability
           :read_label,
           :read_milestone,
           :read_project_snippet,
-          :read_project_member,
           :read_merge_request,
           :read_note,
           :read_commit_status,
@@ -71,8 +69,6 @@ class Ability
         # Allow to read issues by anonymous user if issue is not confidential
         rules << :read_issue unless subject.is_a?(Issue) && subject.confidential?
 
-        rules << :read_project_member unless restricted_public_level?
-
         rules - project_disabled_features_rules(project)
       else
         []
@@ -96,9 +92,8 @@ class Ability
               end
 
       if group
-        rules << [:read_group] if group.public?
-
-        rules << [:read_group_members] unless restricted_public_level?
+        rules << :read_group if group.public?
+        rules << :read_group_members unless restricted_public_level?
       end
 
       rules
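Review bot: On the new side `:read_group_members` is added for any group whenever `restricted_public_level?` is false; unlike `:read_group` on the line above, it is not conditioned on `group.public?`. Because the old code pushed one-element arrays rather than symbols, this grant may never have matched before, so the commit probably activates it for what appears to be the anonymous-abilities path. If listing members of a non-public group is not intended, `rules << :read_group_members if group.public? && !restricted_public_level?` keeps both conditions. The method starts and ends outside the hunk, so how `group` is derived and which callers reach it should be checked, ideally with a spec for a private group.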
@@ -156,7 +151,6 @@ class Ability
           rules -= project_archived_rules
         end
 
-        rules << :read_project_members
         rules - project_disabled_features_rules(project)
       end
     end
diff --git a/app/views/layouts/nav/_project.html.haml b/app/views/layouts/nav/_project.html.haml
index d651de0fbe..2c9e215948 100644
--- a/app/views/layouts/nav/_project.html.haml
+++ b/app/views/layouts/nav/_project.html.haml
@@ -77,7 +77,7 @@
           Merge Requests
           %span.count.merge_counter= number_with_delimiter(@project.merge_requests.opened.count)
 
-  - if project_nav_tab?(:settings) && can?(current_user, :read_project_members, @project)
+  - if project_nav_tab?(:settings)
     = nav_link(controller: [:project_members, :teams]) do
       = link_to namespace_project_project_members_path(@project.namespace, @project), title: 'Members', class: 'team-tab tab' do
         = icon('users fw')
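Review bot: With the `can?` condition removed, the Members tab is rendered for anyone for whom `project_nav_tab?(:settings)` is true, so access control for that page rests entirely on the controller's `authorize_admin_project_member!` filter. Whether `project_nav_tab?(:settings)` implies the same permission is not visible here; if it does not, some users will be shown a link that the controller rejects. A one-line comment above the condition, such as `-# Visibility only; access is enforced in Projects::ProjectMembersController`, would record that the template is not the enforcement point.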
diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb
index 7701da9747..948935bc10 100644
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@@ -41,7 +41,7 @@ describe UsersController do
       end
     end
 
-    context 'When public visibility level is restricted' do
+    context 'when public visibility level is restricted' do
       before do
         stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
       end
-- 
2.30.9