Add reposition_note permission

This works as an alias of `admin_note` unless the noteable is a Design, in which case it will be true if the user can `create_note`. This allows us to make a new mutation for repositioning a note on a Design which will allow users who did not create the note to reposition it. https://gitlab.com/gitlab-org/gitlab/-/issues/207334

Add reposition_note permission
This works as an alias of `admin_note` unless the noteable is a Design, in which case it will be true if the user can `create_note`. This allows us to make a new mutation for repositioning a note on a Design which will allow users who did not create the note to reposition it. https://gitlab.com/gitlab-org/gitlab/-/issues/207334
296c0b84 · Luke Duncalfe · Heinrich Lee Yu · db5ff625 · 296c0b84 · 296c0b84
Commit 296c0b84 authored Nov 05, 2020 by Luke Duncalfe Committed by Heinrich Lee Yu Nov 05, 2020
Showing with 87 additions and 42 deletions

app/models/discussion.rb app/models/discussion.rb +1 -0

app/policies/note_policy.rb app/policies/note_policy.rb +10 -1

spec/policies/note_policy_spec.rb spec/policies/note_policy_spec.rb +76 -41

No files found.
--- a/app/models/discussion.rb
+++ b/app/models/discussion.rb
@@ -16,6 +16,7 @@ class Discussion
            :commit_id,
            :confidential?,
            :for_commit?,
+            :for_design?,
            :for_merge_request?,
            :noteable_ability_name,
            :to_ability_name,

--- a/app/policies/note_policy.rb
+++ b/app/policies/note_policy.rb
@@ -7,13 +7,15 @@ class NotePolicy < BasePolicy
  delegate { @subject.noteable if DeclarativePolicy.has_policy?(@subject.noteable) }
  condition(:is_author) { @user && @subject.author == @user }
-  condition(:is_noteable_author) { @user && @subject.noteable.author_id == @user.id }
+  condition(:is_noteable_author) { @user && @subject.noteable.try(:author_id) == @user.id }
  condition(:editable, scope: :subject) { @subject.editable? }
  condition(:can_read_noteable) { can?(:"read_#{@subject.noteable_ability_name}") }
  condition(:commit_is_deleted) { @subject.for_commit? && @subject.noteable.blank? }
+  condition(:for_design) { @subject.for_design? }
  condition(:is_visible) { @subject.system_note_with_references_visible_for?(@user) }
  condition(:confidential, scope: :subject) { @subject.confidential? }
@@ -28,6 +30,7 @@ class NotePolicy < BasePolicy
  rule { ~can_read_noteable }.policy do
    prevent :admin_note
    prevent :resolve_note
+    prevent :reposition_note
    prevent :award_emoji
  end
@@ -46,6 +49,7 @@ class NotePolicy < BasePolicy
    prevent :read_note
    prevent :admin_note
    prevent :resolve_note
+    prevent :reposition_note
    prevent :award_emoji
  end
@@ -57,9 +61,14 @@ class NotePolicy < BasePolicy
    prevent :read_note
    prevent :admin_note
    prevent :resolve_note
+    prevent :reposition_note
    prevent :award_emoji
  end
+  rule { can?(:admin_note) | (for_design & can?(:create_note)) }.policy do
+    enable :reposition_note
+  end
  def parent_namespace
    strong_memoize(:parent_namespace) do
      next if @subject.is_a?(PersonalSnippet)

--- a/spec/policies/note_policy_spec.rb
+++ b/spec/policies/note_policy_spec.rb