Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Tatuya Kamada
gitlab-ce
Commits
48090a91
Commit
48090a91
authored
Nov 16, 2016
by
Lin Jen-Shin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Introduce no_user_or_blocked? and fix tests due to
checking user permission.
parent
a9765fb4
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
22 additions
and
6 deletions
+22
-6
lib/gitlab/user_access.rb
lib/gitlab/user_access.rb
+12
-4
spec/lib/gitlab/git_access_spec.rb
spec/lib/gitlab/git_access_spec.rb
+10
-2
No files found.
lib/gitlab/user_access.rb
View file @
48090a91
...
@@ -8,6 +8,8 @@ module Gitlab
...
@@ -8,6 +8,8 @@ module Gitlab
end
end
def
can_do_action?
(
action
)
def
can_do_action?
(
action
)
return
false
if
no_user_or_blocked?
@permission_cache
||=
{}
@permission_cache
||=
{}
@permission_cache
[
action
]
||=
user
.
can?
(
action
,
project
)
@permission_cache
[
action
]
||=
user
.
can?
(
action
,
project
)
end
end
...
@@ -17,7 +19,7 @@ module Gitlab
...
@@ -17,7 +19,7 @@ module Gitlab
end
end
def
allowed?
def
allowed?
return
false
if
user
.
blank?
||
user
.
blocked?
return
false
if
no_user_or_
blocked?
if
user
.
requires_ldap_check?
&&
user
.
try_obtain_ldap_lease
if
user
.
requires_ldap_check?
&&
user
.
try_obtain_ldap_lease
return
false
unless
Gitlab
::
LDAP
::
Access
.
allowed?
(
user
)
return
false
unless
Gitlab
::
LDAP
::
Access
.
allowed?
(
user
)
...
@@ -27,7 +29,7 @@ module Gitlab
...
@@ -27,7 +29,7 @@ module Gitlab
end
end
def
can_push_to_branch?
(
ref
)
def
can_push_to_branch?
(
ref
)
return
false
unless
user
return
false
if
no_user_or_blocked?
if
project
.
protected_branch?
(
ref
)
if
project
.
protected_branch?
(
ref
)
return
true
if
project
.
empty_repo?
&&
project
.
user_can_push_to_empty_repo?
(
user
)
return
true
if
project
.
empty_repo?
&&
project
.
user_can_push_to_empty_repo?
(
user
)
...
@@ -40,7 +42,7 @@ module Gitlab
...
@@ -40,7 +42,7 @@ module Gitlab
end
end
def
can_merge_to_branch?
(
ref
)
def
can_merge_to_branch?
(
ref
)
return
false
unless
user
return
false
if
no_user_or_blocked?
if
project
.
protected_branch?
(
ref
)
if
project
.
protected_branch?
(
ref
)
access_levels
=
project
.
protected_branches
.
matching
(
ref
).
map
(
&
:merge_access_levels
).
flatten
access_levels
=
project
.
protected_branches
.
matching
(
ref
).
map
(
&
:merge_access_levels
).
flatten
...
@@ -51,9 +53,15 @@ module Gitlab
...
@@ -51,9 +53,15 @@ module Gitlab
end
end
def
can_read_project?
def
can_read_project?
return
false
unless
user
return
false
if
no_user_or_blocked?
user
.
can?
(
:read_project
,
project
)
user
.
can?
(
:read_project
,
project
)
end
end
private
def
no_user_or_blocked?
user
.
nil?
||
user
.
blocked?
end
end
end
end
end
spec/lib/gitlab/git_access_spec.rb
View file @
48090a91
...
@@ -112,9 +112,13 @@ describe Gitlab::GitAccess, lib: true do
...
@@ -112,9 +112,13 @@ describe Gitlab::GitAccess, lib: true do
end
end
describe
'deploy key permissions'
do
describe
'deploy key permissions'
do
let
(
:key
)
{
create
(
:deploy_key
)
}
let
(
:key
)
{
create
(
:deploy_key
,
user:
user
)
}
let
(
:actor
)
{
key
}
let
(
:actor
)
{
key
}
before
do
project
.
team
<<
[
user
,
:master
]
end
context
'pull code'
do
context
'pull code'
do
context
'when project is authorized'
do
context
'when project is authorized'
do
before
{
key
.
projects
<<
project
}
before
{
key
.
projects
<<
project
}
...
@@ -404,9 +408,13 @@ describe Gitlab::GitAccess, lib: true do
...
@@ -404,9 +408,13 @@ describe Gitlab::GitAccess, lib: true do
end
end
describe
'deploy key permissions'
do
describe
'deploy key permissions'
do
let
(
:key
)
{
create
(
:deploy_key
,
can_push:
can_push
)
}
let
(
:key
)
{
create
(
:deploy_key
,
user:
user
,
can_push:
can_push
)
}
let
(
:actor
)
{
key
}
let
(
:actor
)
{
key
}
before
do
project
.
team
<<
[
user
,
:master
]
end
context
'when deploy_key can push'
do
context
'when deploy_key can push'
do
let
(
:can_push
)
{
true
}
let
(
:can_push
)
{
true
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment