Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
gitlab-ce
Commits
4d69cb9d
Commit
4d69cb9d
authored
Jul 15, 2016
by
Felipe Artur
Committed by
Rémy Coutable
Jul 20, 2016
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Allow to disable user request access to groups/projects
parent
a920bf38
Changes
16
Hide whitespace changes
Inline
Side-by-side
Showing
16 changed files
with
86 additions
and
10 deletions
+86
-10
CHANGELOG
CHANGELOG
+1
-0
app/controllers/admin/groups_controller.rb
app/controllers/admin/groups_controller.rb
+1
-1
app/controllers/groups_controller.rb
app/controllers/groups_controller.rb
+1
-1
app/controllers/projects_controller.rb
app/controllers/projects_controller.rb
+1
-1
app/models/ability.rb
app/models/ability.rb
+2
-2
app/views/admin/groups/_form.html.haml
app/views/admin/groups/_form.html.haml
+4
-0
app/views/groups/edit.html.haml
app/views/groups/edit.html.haml
+4
-0
app/views/projects/edit.html.haml
app/views/projects/edit.html.haml
+4
-0
app/views/shared/_allow_request_access.html.haml
app/views/shared/_allow_request_access.html.haml
+6
-0
db/migrate/20160715154212_add_request_access_enabled_to_projects.rb
.../20160715154212_add_request_access_enabled_to_projects.rb
+12
-0
db/migrate/20160715204316_add_request_access_enabled_to_groups.rb
...te/20160715204316_add_request_access_enabled_to_groups.rb
+12
-0
db/schema.rb
db/schema.rb
+7
-5
doc/workflow/add-user/add-user.md
doc/workflow/add-user/add-user.md
+3
-0
doc/workflow/groups.md
doc/workflow/groups.md
+3
-0
spec/features/groups/members/user_requests_access_spec.rb
spec/features/groups/members/user_requests_access_spec.rb
+16
-0
spec/features/projects/members/user_requests_access_spec.rb
spec/features/projects/members/user_requests_access_spec.rb
+9
-0
No files found.
CHANGELOG
View file @
4d69cb9d
...
@@ -13,6 +13,7 @@ v 8.10.0 (unreleased)
...
@@ -13,6 +13,7 @@ v 8.10.0 (unreleased)
- Fix commit builds API, return all builds for all pipelines for given commit. !4849
- Fix commit builds API, return all builds for all pipelines for given commit. !4849
- Replace Haml with Hamlit to make view rendering faster. !3666
- Replace Haml with Hamlit to make view rendering faster. !3666
- Refresh the branch cache after `git gc` runs
- Refresh the branch cache after `git gc` runs
- Allow to disable request access button on projects/groups
- Refactor repository paths handling to allow multiple git mount points
- Refactor repository paths handling to allow multiple git mount points
- Optimize system note visibility checking by memoizing the visible reference count !5070
- Optimize system note visibility checking by memoizing the visible reference count !5070
- Add Application Setting to configure default Repository Path for new projects
- Add Application Setting to configure default Repository Path for new projects
...
...
app/controllers/admin/groups_controller.rb
View file @
4d69cb9d
...
@@ -60,6 +60,6 @@ class Admin::GroupsController < Admin::ApplicationController
...
@@ -60,6 +60,6 @@ class Admin::GroupsController < Admin::ApplicationController
end
end
def
group_params
def
group_params
params
.
require
(
:group
).
permit
(
:name
,
:description
,
:path
,
:avatar
,
:visibility_level
)
params
.
require
(
:group
).
permit
(
:name
,
:description
,
:path
,
:avatar
,
:visibility_level
,
:request_access_enabled
)
end
end
end
end
app/controllers/groups_controller.rb
View file @
4d69cb9d
...
@@ -121,7 +121,7 @@ class GroupsController < Groups::ApplicationController
...
@@ -121,7 +121,7 @@ class GroupsController < Groups::ApplicationController
end
end
def
group_params
def
group_params
params
.
require
(
:group
).
permit
(
:name
,
:description
,
:path
,
:avatar
,
:public
,
:visibility_level
,
:share_with_group_lock
)
params
.
require
(
:group
).
permit
(
:name
,
:description
,
:path
,
:avatar
,
:public
,
:visibility_level
,
:share_with_group_lock
,
:request_access_enabled
)
end
end
def
load_events
def
load_events
...
...
app/controllers/projects_controller.rb
View file @
4d69cb9d
...
@@ -296,7 +296,7 @@ class ProjectsController < Projects::ApplicationController
...
@@ -296,7 +296,7 @@ class ProjectsController < Projects::ApplicationController
:issues_tracker_id
,
:default_branch
,
:issues_tracker_id
,
:default_branch
,
:wiki_enabled
,
:visibility_level
,
:import_url
,
:last_activity_at
,
:namespace_id
,
:avatar
,
:wiki_enabled
,
:visibility_level
,
:import_url
,
:last_activity_at
,
:namespace_id
,
:avatar
,
:builds_enabled
,
:build_allow_git_fetch
,
:build_timeout_in_minutes
,
:build_coverage_regex
,
:builds_enabled
,
:build_allow_git_fetch
,
:build_timeout_in_minutes
,
:build_coverage_regex
,
:public_builds
,
:only_allow_merge_if_build_succeeds
:public_builds
,
:only_allow_merge_if_build_succeeds
,
:request_access_enabled
)
)
end
end
...
...
app/models/ability.rb
View file @
4d69cb9d
...
@@ -172,7 +172,7 @@ class Ability
...
@@ -172,7 +172,7 @@ class Ability
rules
<<
:read_build
if
project
.
public_builds?
rules
<<
:read_build
if
project
.
public_builds?
unless
owner
||
project
.
team
.
member?
(
user
)
||
project_group_member?
(
project
,
user
)
unless
owner
||
project
.
team
.
member?
(
user
)
||
project_group_member?
(
project
,
user
)
rules
<<
:request_access
rules
<<
:request_access
if
project
.
request_access_enabled
end
end
end
end
...
@@ -372,7 +372,7 @@ class Ability
...
@@ -372,7 +372,7 @@ class Ability
]
]
end
end
if
group
.
public?
||
(
group
.
internal?
&&
!
user
.
external?
)
if
(
group
.
public?
||
(
group
.
internal?
&&
!
user
.
external?
))
&&
group
.
request_access_enabled
rules
<<
:request_access
unless
group
.
users
.
include?
(
user
)
rules
<<
:request_access
unless
group
.
users
.
include?
(
user
)
end
end
...
...
app/views/admin/groups/_form.html.haml
View file @
4d69cb9d
...
@@ -9,6 +9,10 @@
...
@@ -9,6 +9,10 @@
=
render
'shared/visibility_level'
,
f:
f
,
visibility_level:
@group
.
visibility_level
,
can_change_visibility_level:
can_change_group_visibility_level?
(
@group
),
form_model:
@group
=
render
'shared/visibility_level'
,
f:
f
,
visibility_level:
@group
.
visibility_level
,
can_change_visibility_level:
can_change_group_visibility_level?
(
@group
),
form_model:
@group
.form-group
.col-sm-offset-2.col-sm-10
=
render
'shared/allow_request_access'
,
form:
f
-
if
@group
.
new_record?
-
if
@group
.
new_record?
.form-group
.form-group
.col-sm-offset-2.col-sm-10
.col-sm-offset-2.col-sm-10
...
...
app/views/groups/edit.html.haml
View file @
4d69cb9d
...
@@ -21,6 +21,10 @@
...
@@ -21,6 +21,10 @@
=
render
'shared/visibility_level'
,
f:
f
,
visibility_level:
@group
.
visibility_level
,
can_change_visibility_level:
can_change_group_visibility_level?
(
@group
),
form_model:
@group
=
render
'shared/visibility_level'
,
f:
f
,
visibility_level:
@group
.
visibility_level
,
can_change_visibility_level:
can_change_group_visibility_level?
(
@group
),
form_model:
@group
.form-group
.col-sm-offset-2.col-sm-10
=
render
'shared/allow_request_access'
,
form:
f
.form-group
.form-group
%hr
%hr
=
f
.
label
:share_with_group_lock
,
class:
'control-label'
do
=
f
.
label
:share_with_group_lock
,
class:
'control-label'
do
...
...
app/views/projects/edit.html.haml
View file @
4d69cb9d
...
@@ -32,6 +32,10 @@
...
@@ -32,6 +32,10 @@
%strong
%strong
=
visibility_level_label
(
@project
.
visibility_level
)
=
visibility_level_label
(
@project
.
visibility_level
)
.light
=
visibility_level_description
(
@project
.
visibility_level
,
@project
)
.light
=
visibility_level_description
(
@project
.
visibility_level
,
@project
)
.form-group
=
render
'shared/allow_request_access'
,
form:
f
.form-group
.form-group
=
f
.
label
:tag_list
,
"Tags"
,
class:
'label-light'
=
f
.
label
:tag_list
,
"Tags"
,
class:
'label-light'
=
f
.
text_field
:tag_list
,
value:
@project
.
tag_list
.
to_s
,
maxlength:
2000
,
class:
"form-control"
=
f
.
text_field
:tag_list
,
value:
@project
.
tag_list
.
to_s
,
maxlength:
2000
,
class:
"form-control"
...
...
app/views/shared/_allow_request_access.html.haml
0 → 100644
View file @
4d69cb9d
.checkbox
=
form
.
label
:request_access_enabled
do
=
form
.
check_box
:request_access_enabled
%strong
Allow users to request access
%br
%span
.descr
Allow users to request access if visibility is public or internal.
db/migrate/20160715154212_add_request_access_enabled_to_projects.rb
0 → 100644
View file @
4d69cb9d
class
AddRequestAccessEnabledToProjects
<
ActiveRecord
::
Migration
include
Gitlab
::
Database
::
MigrationHelpers
disable_ddl_transaction!
def
up
add_column_with_default
:projects
,
:request_access_enabled
,
:boolean
,
default:
true
end
def
down
remove_column
:projects
,
:request_access_enabled
end
end
db/migrate/20160715204316_add_request_access_enabled_to_groups.rb
0 → 100644
View file @
4d69cb9d
class
AddRequestAccessEnabledToGroups
<
ActiveRecord
::
Migration
include
Gitlab
::
Database
::
MigrationHelpers
disable_ddl_transaction!
def
up
add_column_with_default
:namespaces
,
:request_access_enabled
,
:boolean
,
default:
true
end
def
down
remove_column
:namespaces
,
:request_access_enabled
end
end
db/schema.rb
View file @
4d69cb9d
...
@@ -664,16 +664,17 @@ ActiveRecord::Schema.define(version: 20160718153603) do
...
@@ -664,16 +664,17 @@ ActiveRecord::Schema.define(version: 20160718153603) do
add_index
"milestones"
,
[
"title"
],
name:
"index_milestones_on_title_trigram"
,
using: :gin
,
opclasses:
{
"title"
=>
"gin_trgm_ops"
}
add_index
"milestones"
,
[
"title"
],
name:
"index_milestones_on_title_trigram"
,
using: :gin
,
opclasses:
{
"title"
=>
"gin_trgm_ops"
}
create_table
"namespaces"
,
force: :cascade
do
|
t
|
create_table
"namespaces"
,
force: :cascade
do
|
t
|
t
.
string
"name"
,
null:
false
t
.
string
"name"
,
null:
false
t
.
string
"path"
,
null:
false
t
.
string
"path"
,
null:
false
t
.
integer
"owner_id"
t
.
integer
"owner_id"
t
.
datetime
"created_at"
t
.
datetime
"created_at"
t
.
datetime
"updated_at"
t
.
datetime
"updated_at"
t
.
string
"type"
t
.
string
"type"
t
.
string
"description"
,
default:
""
,
null:
false
t
.
string
"description"
,
default:
""
,
null:
false
t
.
string
"avatar"
t
.
string
"avatar"
t
.
boolean
"share_with_group_lock"
,
default:
false
t
.
boolean
"share_with_group_lock"
,
default:
false
t
.
integer
"visibility_level"
,
default:
20
,
null:
false
t
.
integer
"visibility_level"
,
default:
20
,
null:
false
t
.
boolean
"request_access_enabled"
,
default:
true
,
null:
false
end
end
add_index
"namespaces"
,
[
"created_at"
,
"id"
],
name:
"index_namespaces_on_created_at_and_id"
,
using: :btree
add_index
"namespaces"
,
[
"created_at"
,
"id"
],
name:
"index_namespaces_on_created_at_and_id"
,
using: :btree
...
@@ -843,6 +844,7 @@ ActiveRecord::Schema.define(version: 20160718153603) do
...
@@ -843,6 +844,7 @@ ActiveRecord::Schema.define(version: 20160718153603) do
t
.
boolean
"has_external_issue_tracker"
t
.
boolean
"has_external_issue_tracker"
t
.
string
"repository_storage"
,
default:
"default"
,
null:
false
t
.
string
"repository_storage"
,
default:
"default"
,
null:
false
t
.
boolean
"has_external_wiki"
t
.
boolean
"has_external_wiki"
t
.
boolean
"request_access_enabled"
,
default:
true
,
null:
false
end
end
add_index
"projects"
,
[
"builds_enabled"
,
"shared_runners_enabled"
],
name:
"index_projects_on_builds_enabled_and_shared_runners_enabled"
,
using: :btree
add_index
"projects"
,
[
"builds_enabled"
,
"shared_runners_enabled"
],
name:
"index_projects_on_builds_enabled_and_shared_runners_enabled"
,
using: :btree
...
...
doc/workflow/add-user/add-user.md
View file @
4d69cb9d
...
@@ -90,6 +90,9 @@ GitLab account using the same e-mail address the invitation was sent to.
...
@@ -90,6 +90,9 @@ GitLab account using the same e-mail address the invitation was sent to.
## Request access to a project
## Request access to a project
As project owner you can enable or disable non members to request access to
your project. Go to project settings and click on
**allow users to request access**
As a user, you can request to be a member of a project. Go to the project you'd
As a user, you can request to be a member of a project. Go to the project you'd
like to be a member of, and click the
**Request Access**
button on the right
like to be a member of, and click the
**Request Access**
button on the right
side of your screen.
side of your screen.
...
...
doc/workflow/groups.md
View file @
4d69cb9d
...
@@ -53,6 +53,9 @@ If necessary, you can increase the access level of an individual user for a spec
...
@@ -53,6 +53,9 @@ If necessary, you can increase the access level of an individual user for a spec
## Requesting access to a group
## Requesting access to a group
As group owner you can enable or disable non members to request access to
your group. Go to group settings and click on
**allow users to request access**
As a user, you can request to be a member of a group. Go to the group you'd
As a user, you can request to be a member of a group. Go to the group you'd
like to be a member of, and click the
**Request Access**
button on the right
like to be a member of, and click the
**Request Access**
button on the right
side of your screen.
side of your screen.
...
...
spec/features/groups/members/user_requests_access_spec.rb
View file @
4d69cb9d
...
@@ -9,10 +9,19 @@ feature 'Groups > Members > User requests access', feature: true do
...
@@ -9,10 +9,19 @@ feature 'Groups > Members > User requests access', feature: true do
background
do
background
do
group
.
add_owner
(
owner
)
group
.
add_owner
(
owner
)
login_as
(
user
)
login_as
(
user
)
end
scenario
'request access feature is disabled'
do
group
.
update_attributes
(
request_access_enabled:
false
)
visit
group_path
(
group
)
visit
group_path
(
group
)
visit
group_path
(
group
)
expect
(
page
).
not_to
have_content
'Request Access'
end
end
scenario
'user can request access to a group'
do
scenario
'user can request access to a group'
do
visit
group_path
(
group
)
perform_enqueued_jobs
{
click_link
'Request Access'
}
perform_enqueued_jobs
{
click_link
'Request Access'
}
expect
(
ActionMailer
::
Base
.
deliveries
.
last
.
to
).
to
eq
[
owner
.
notification_email
]
expect
(
ActionMailer
::
Base
.
deliveries
.
last
.
to
).
to
eq
[
owner
.
notification_email
]
...
@@ -26,12 +35,15 @@ feature 'Groups > Members > User requests access', feature: true do
...
@@ -26,12 +35,15 @@ feature 'Groups > Members > User requests access', feature: true do
end
end
scenario
'user does not see private projects'
do
scenario
'user does not see private projects'
do
visit
group_path
(
group
)
perform_enqueued_jobs
{
click_link
'Request Access'
}
perform_enqueued_jobs
{
click_link
'Request Access'
}
expect
(
page
).
not_to
have_content
project
.
name
expect
(
page
).
not_to
have_content
project
.
name
end
end
scenario
'user does not see group in the Dashboard > Groups page'
do
scenario
'user does not see group in the Dashboard > Groups page'
do
visit
group_path
(
group
)
perform_enqueued_jobs
{
click_link
'Request Access'
}
perform_enqueued_jobs
{
click_link
'Request Access'
}
visit
dashboard_groups_path
visit
dashboard_groups_path
...
@@ -40,6 +52,8 @@ feature 'Groups > Members > User requests access', feature: true do
...
@@ -40,6 +52,8 @@ feature 'Groups > Members > User requests access', feature: true do
end
end
scenario
'user is not listed in the group members page'
do
scenario
'user is not listed in the group members page'
do
visit
group_path
(
group
)
click_link
'Request Access'
click_link
'Request Access'
expect
(
group
.
requesters
.
exists?
(
user_id:
user
)).
to
be_truthy
expect
(
group
.
requesters
.
exists?
(
user_id:
user
)).
to
be_truthy
...
@@ -52,6 +66,8 @@ feature 'Groups > Members > User requests access', feature: true do
...
@@ -52,6 +66,8 @@ feature 'Groups > Members > User requests access', feature: true do
end
end
scenario
'user can withdraw its request for access'
do
scenario
'user can withdraw its request for access'
do
visit
group_path
(
group
)
click_link
'Request Access'
click_link
'Request Access'
expect
(
group
.
requesters
.
exists?
(
user_id:
user
)).
to
be_truthy
expect
(
group
.
requesters
.
exists?
(
user_id:
user
)).
to
be_truthy
...
...
spec/features/projects/members/user_requests_access_spec.rb
View file @
4d69cb9d
...
@@ -8,10 +8,17 @@ feature 'Projects > Members > User requests access', feature: true do
...
@@ -8,10 +8,17 @@ feature 'Projects > Members > User requests access', feature: true do
background
do
background
do
project
.
team
<<
[
master
,
:master
]
project
.
team
<<
[
master
,
:master
]
login_as
(
user
)
login_as
(
user
)
end
scenario
'request access feature is disabled'
do
project
.
update_attributes
(
request_access_enabled:
false
)
visit
namespace_project_path
(
project
.
namespace
,
project
)
visit
namespace_project_path
(
project
.
namespace
,
project
)
expect
(
page
).
not_to
have_content
'Request Access'
end
end
scenario
'user can request access to a project'
do
scenario
'user can request access to a project'
do
visit
namespace_project_path
(
project
.
namespace
,
project
)
perform_enqueued_jobs
{
click_link
'Request Access'
}
perform_enqueued_jobs
{
click_link
'Request Access'
}
expect
(
ActionMailer
::
Base
.
deliveries
.
last
.
to
).
to
eq
[
master
.
notification_email
]
expect
(
ActionMailer
::
Base
.
deliveries
.
last
.
to
).
to
eq
[
master
.
notification_email
]
...
@@ -25,6 +32,7 @@ feature 'Projects > Members > User requests access', feature: true do
...
@@ -25,6 +32,7 @@ feature 'Projects > Members > User requests access', feature: true do
end
end
scenario
'user is not listed in the project members page'
do
scenario
'user is not listed in the project members page'
do
visit
namespace_project_path
(
project
.
namespace
,
project
)
click_link
'Request Access'
click_link
'Request Access'
expect
(
project
.
requesters
.
exists?
(
user_id:
user
)).
to
be_truthy
expect
(
project
.
requesters
.
exists?
(
user_id:
user
)).
to
be_truthy
...
@@ -39,6 +47,7 @@ feature 'Projects > Members > User requests access', feature: true do
...
@@ -39,6 +47,7 @@ feature 'Projects > Members > User requests access', feature: true do
end
end
scenario
'user can withdraw its request for access'
do
scenario
'user can withdraw its request for access'
do
visit
namespace_project_path
(
project
.
namespace
,
project
)
click_link
'Request Access'
click_link
'Request Access'
expect
(
project
.
requesters
.
exists?
(
user_id:
user
)).
to
be_truthy
expect
(
project
.
requesters
.
exists?
(
user_id:
user
)).
to
be_truthy
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment