Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
a18ac627
Commit
a18ac627
authored
Mar 16, 2016
by
Felipe Artur
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Block internal groups/projects visibility to external users
parent
44c12744
Changes
5
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
11 additions
and
8 deletions
+11
-8
app/finders/contributed_projects_finder.rb
app/finders/contributed_projects_finder.rb
+1
-1
app/finders/joined_groups_finder.rb
app/finders/joined_groups_finder.rb
+1
-1
app/finders/personal_projects_finder.rb
app/finders/personal_projects_finder.rb
+1
-1
app/models/ability.rb
app/models/ability.rb
+5
-2
db/schema.rb
db/schema.rb
+3
-3
No files found.
app/finders/contributed_projects_finder.rb
View file @
a18ac627
...
@@ -11,7 +11,7 @@ class ContributedProjectsFinder
...
@@ -11,7 +11,7 @@ class ContributedProjectsFinder
#
#
# Returns an ActiveRecord::Relation.
# Returns an ActiveRecord::Relation.
def
execute
(
current_user
=
nil
)
def
execute
(
current_user
=
nil
)
if
current_user
if
current_user
&&
!
current_user
.
external?
relation
=
projects_visible_to_user
(
current_user
)
relation
=
projects_visible_to_user
(
current_user
)
else
else
relation
=
public_projects
relation
=
public_projects
...
...
app/finders/joined_groups_finder.rb
View file @
a18ac627
...
@@ -12,7 +12,7 @@ class JoinedGroupsFinder
...
@@ -12,7 +12,7 @@ class JoinedGroupsFinder
#
#
# Returns an ActiveRecord::Relation.
# Returns an ActiveRecord::Relation.
def
execute
(
current_user
=
nil
)
def
execute
(
current_user
=
nil
)
if
current_user
if
current_user
&&
!
current_user
.
external?
relation
=
groups_visible_to_user
(
current_user
)
relation
=
groups_visible_to_user
(
current_user
)
else
else
relation
=
public_groups
relation
=
public_groups
...
...
app/finders/personal_projects_finder.rb
View file @
a18ac627
...
@@ -11,7 +11,7 @@ class PersonalProjectsFinder
...
@@ -11,7 +11,7 @@ class PersonalProjectsFinder
#
#
# Returns an ActiveRecord::Relation.
# Returns an ActiveRecord::Relation.
def
execute
(
current_user
=
nil
)
def
execute
(
current_user
=
nil
)
if
current_user
if
current_user
&&
!
current_user
.
external?
relation
=
projects_visible_to_user
(
current_user
)
relation
=
projects_visible_to_user
(
current_user
)
else
else
relation
=
public_projects
relation
=
public_projects
...
...
app/models/ability.rb
View file @
a18ac627
...
@@ -295,8 +295,11 @@ class Ability
...
@@ -295,8 +295,11 @@ class Ability
end
end
def
can_read_group?
(
user
,
group
)
def
can_read_group?
(
user
,
group
)
user
.
admin?
||
group
.
public?
||
group
.
internal?
||
group
.
users
.
include?
(
user
)
||
if
user
.
external?
ProjectsFinder
.
new
.
execute
(
user
,
group:
group
).
any?
group
.
public?
||
ProjectsFinder
.
new
.
execute
(
user
,
group:
group
).
any?
else
user
.
admin?
||
group
.
public?
||
group
.
internal?
||
group
.
users
.
include?
(
user
)
||
ProjectsFinder
.
new
.
execute
(
user
,
group:
group
).
any?
end
end
end
def
namespace_abilities
(
user
,
namespace
)
def
namespace_abilities
(
user
,
namespace
)
...
...
db/schema.rb
View file @
a18ac627
...
@@ -777,9 +777,9 @@ ActiveRecord::Schema.define(version: 20160314143402) do
...
@@ -777,9 +777,9 @@ ActiveRecord::Schema.define(version: 20160314143402) do
t
.
string
"type"
t
.
string
"type"
t
.
string
"title"
t
.
string
"title"
t
.
integer
"project_id"
t
.
integer
"project_id"
t
.
datetime
"created_at"
t
.
datetime
"created_at"
,
null:
false
t
.
datetime
"updated_at"
t
.
datetime
"updated_at"
,
null:
false
t
.
boolean
"active"
,
default:
false
,
null:
false
t
.
boolean
"active"
,
null:
false
t
.
text
"properties"
t
.
text
"properties"
t
.
boolean
"template"
,
default:
false
t
.
boolean
"template"
,
default:
false
t
.
boolean
"push_events"
,
default:
true
t
.
boolean
"push_events"
,
default:
true
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment