Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
iv
gitlab-ce
Commits
49d58492
Commit
49d58492
authored
12 years ago
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Wiki abilities
parent
bdc42488
No related merge requests found
Changes
3
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
41 additions
and
17 deletions
+41
-17
app/controllers/wikis_controller.rb
app/controllers/wikis_controller.rb
+17
-0
app/models/ability.rb
app/models/ability.rb
+15
-12
app/models/project.rb
app/models/project.rb
+9
-5
No files found.
app/controllers/wikis_controller.rb
View file @
49d58492
class
WikisController
<
ApplicationController
before_filter
:project
before_filter
:add_project_abilities
before_filter
:authorize_read_wiki!
before_filter
:authorize_write_wiki!
,
:except
=>
[
:show
,
:destroy
]
before_filter
:authorize_admin_wiki!
,
:only
=>
:destroy
layout
"project"
def
show
...
...
@@ -48,4 +51,18 @@ class WikisController < ApplicationController
format
.
html
{
redirect_to
project_wiki_path
(
@project
,
:index
),
notice:
"Page was successfully deleted"
}
end
end
protected
def
authorize_read_wiki!
can?
(
current_user
,
:read_wiki
,
@project
)
end
def
authorize_write_wiki!
can?
(
current_user
,
:write_wiki
,
@project
)
end
def
authorize_admin_wiki!
can?
(
current_user
,
:admin_wiki
,
@project
)
end
end
This diff is collapsed.
Click to expand it.
app/models/ability.rb
View file @
49d58492
...
...
@@ -15,21 +15,26 @@ class Ability
rules
<<
[
:read_project
,
:read_wiki
,
:read_issue
,
:read_snippet
,
:read_team_member
,
:read_merge_request
,
:read_note
]
if
project
.
allow_read_for?
(
user
)
rules
<<
[
:read_note
,
:write_project
,
:write_issue
,
:write_snippet
,
:write_merge_request
,
:write_note
,
:write_note
]
if
project
.
guest_access_for?
(
user
)
rules
<<
[
:download_code
,
]
if
project
.
report_access_for?
(
user
)
rules
<<
[
:write_wiki
]
if
project
.
allow_write
_for?
(
user
)
]
if
project
.
dev_access
_for?
(
user
)
rules
<<
[
:modify_issue
,
...
...
@@ -40,18 +45,16 @@ class Ability
:admin_snippet
,
:admin_team_member
,
:admin_merge_request
,
:admin_note
]
if
project
.
allow_admin_for?
(
user
)
:admin_note
,
:admin_wiki
]
if
project
.
master_access_for?
(
user
)
rules
<<
[
:download_code
,
]
if
project
.
allow_pull_for?
(
user
)
rules
.
flatten
end
class
<<
self
[
:issue
,
:note
,
:snippet
,
:merge_request
,
:wiki
].
each
do
|
name
|
[
:issue
,
:note
,
:snippet
,
:merge_request
].
each
do
|
name
|
define_method
"
#{
name
}
_abilities"
do
|
user
,
subject
|
if
subject
.
author
==
user
[
...
...
This diff is collapsed.
Click to expand it.
app/models/project.rb
View file @
49d58492
...
...
@@ -233,16 +233,20 @@ class Project < ActiveRecord::Base
!
users_projects
.
where
(
:user_id
=>
user
.
id
).
empty?
end
def
allow_write
_for?
(
user
)
def
guest_access
_for?
(
user
)
!
users_projects
.
where
(
:user_id
=>
user
.
id
).
empty?
end
def
allow_admin
_for?
(
user
)
!
users_projects
.
where
(
:user_id
=>
user
.
id
,
:project_access
=>
[
UsersProject
::
MASTER
]).
empty?
||
owner_id
==
user
.
id
def
report_access
_for?
(
user
)
!
users_projects
.
where
(
:user_id
=>
user
.
id
,
:project_access
=>
[
UsersProject
::
REPORTER
,
UsersProject
::
DEVELOPER
,
UsersProject
::
MASTER
]).
empty?
end
def
allow_pull_for?
(
user
)
!
users_projects
.
where
(
:user_id
=>
user
.
id
,
:project_access
=>
[
UsersProject
::
REPORTER
,
UsersProject
::
DEVELOPER
,
UsersProject
::
MASTER
]).
empty?
def
dev_access_for?
(
user
)
!
users_projects
.
where
(
:user_id
=>
user
.
id
,
:project_access
=>
[
UsersProject
::
DEVELOPER
,
UsersProject
::
MASTER
]).
empty?
end
def
master_access_for?
(
user
)
!
users_projects
.
where
(
:user_id
=>
user
.
id
,
:project_access
=>
[
UsersProject
::
MASTER
]).
empty?
||
owner_id
==
user
.
id
end
def
root_ref
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment