Commit 74fb5004 authored by Douwe Maan's avatar Douwe Maan

Merge branch 'issue_10725' into 'master'

Fix forks creation when visibility level is restricted

fixes #10725

See merge request !4283
parents 380966e8 52733352
Please view this file on the master branch, on stable branches it's out of date. Please view this file on the master branch, on stable branches it's out of date.
v 8.9.0 (unreleased) v 8.9.0 (unreleased)
- Allow forking projects with restricted visibility level
- Redesign navigation for project pages - Redesign navigation for project pages
- Use gitlab-shell v3.0.0 - Use gitlab-shell v3.0.0
- Add rake task 'gitlab:db:configure' for conditionally seeding or migrating the database - Add rake task 'gitlab:db:configure' for conditionally seeding or migrating the database
......
...@@ -3,7 +3,7 @@ module Projects ...@@ -3,7 +3,7 @@ module Projects
def execute def execute
new_params = { new_params = {
forked_from_project_id: @project.id, forked_from_project_id: @project.id,
visibility_level: @project.visibility_level, visibility_level: allowed_visibility_level,
description: @project.description, description: @project.description,
name: @project.name, name: @project.name,
path: @project.path, path: @project.path,
...@@ -19,5 +19,17 @@ module Projects ...@@ -19,5 +19,17 @@ module Projects
new_project = CreateService.new(current_user, new_params).execute new_project = CreateService.new(current_user, new_params).execute
new_project new_project
end end
private
def allowed_visibility_level
project_level = @project.visibility_level
if Gitlab::VisibilityLevel.non_restricted_level?(project_level)
project_level
else
Gitlab::VisibilityLevel.highest_allowed_level
end
end
end end
end end
...@@ -32,6 +32,13 @@ module Gitlab ...@@ -32,6 +32,13 @@ module Gitlab
} }
end end
def highest_allowed_level
restricted_levels = current_application_settings.restricted_visibility_levels
allowed_levels = self.values - restricted_levels
allowed_levels.max || PRIVATE
end
def allowed_for?(user, level) def allowed_for?(user, level)
user.is_admin? || allowed_level?(level.to_i) user.is_admin? || allowed_level?(level.to_i)
end end
......
...@@ -42,6 +42,33 @@ describe Projects::ForkService, services: true do ...@@ -42,6 +42,33 @@ describe Projects::ForkService, services: true do
expect(@to_project.builds_enabled?).to be_truthy expect(@to_project.builds_enabled?).to be_truthy
end end
end end
context "when project has restricted visibility level" do
context "and only one visibility level is restricted" do
before do
@from_project.update_attributes(visibility_level: Gitlab::VisibilityLevel::INTERNAL)
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::INTERNAL])
end
it "creates fork with highest allowed level" do
forked_project = fork_project(@from_project, @to_user)
expect(forked_project.visibility_level).to eq(Gitlab::VisibilityLevel::PUBLIC)
end
end
context "and all visibility levels are restricted" do
before do
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC, Gitlab::VisibilityLevel::INTERNAL, Gitlab::VisibilityLevel::PRIVATE])
end
it "creates fork with private visibility levels" do
forked_project = fork_project(@from_project, @to_user)
expect(forked_project.visibility_level).to eq(Gitlab::VisibilityLevel::PRIVATE)
end
end
end
end end
describe :fork_to_namespace do describe :fork_to_namespace do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment