Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
5853c96b
Commit
5853c96b
authored
Aug 08, 2016
by
http://jneen.net/
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
remove Ability.abilities
parent
c218dd90
Changes
18
Show whitespace changes
Inline
Side-by-side
Showing
18 changed files
with
37 additions
and
61 deletions
+37
-61
app/controllers/application_controller.rb
app/controllers/application_controller.rb
+2
-6
app/finders/issuable_finder.rb
app/finders/issuable_finder.rb
+1
-1
app/finders/todos_finder.rb
app/finders/todos_finder.rb
+1
-1
app/mailers/base_mailer.rb
app/mailers/base_mailer.rb
+1
-1
app/models/ability.rb
app/models/ability.rb
+0
-5
app/models/event.rb
app/models/event.rb
+1
-1
app/models/merge_request.rb
app/models/merge_request.rb
+1
-1
app/models/user.rb
app/models/user.rb
+1
-5
app/services/base_service.rb
app/services/base_service.rb
+1
-5
lib/api/helpers.rb
lib/api/helpers.rb
+1
-5
lib/banzai/reference_parser/base_parser.rb
lib/banzai/reference_parser/base_parser.rb
+1
-1
spec/controllers/projects/boards/issues_controller_spec.rb
spec/controllers/projects/boards/issues_controller_spec.rb
+2
-2
spec/controllers/projects/boards/lists_controller_spec.rb
spec/controllers/projects/boards/lists_controller_spec.rb
+2
-2
spec/controllers/projects/boards_controller_spec.rb
spec/controllers/projects/boards_controller_spec.rb
+2
-2
spec/lib/banzai/reference_parser/base_parser_spec.rb
spec/lib/banzai/reference_parser/base_parser_spec.rb
+4
-4
spec/lib/banzai/reference_parser/user_parser_spec.rb
spec/lib/banzai/reference_parser/user_parser_spec.rb
+5
-5
spec/models/members/project_member_spec.rb
spec/models/members/project_member_spec.rb
+2
-4
spec/models/note_spec.rb
spec/models/note_spec.rb
+9
-10
No files found.
app/controllers/application_controller.rb
View file @
5853c96b
...
...
@@ -24,7 +24,7 @@ class ApplicationController < ActionController::Base
protect_from_forgery
with: :exception
helper_method
:
abilities
,
:
can?
,
:current_application_settings
helper_method
:can?
,
:current_application_settings
helper_method
:import_sources_enabled?
,
:github_import_enabled?
,
:github_import_configured?
,
:gitlab_import_enabled?
,
:gitlab_import_configured?
,
:bitbucket_import_enabled?
,
:bitbucket_import_configured?
,
:google_code_import_enabled?
,
:fogbugz_import_enabled?
,
:git_import_enabled?
,
:gitlab_project_import_enabled?
rescue_from
Encoding
::
CompatibilityError
do
|
exception
|
...
...
@@ -97,12 +97,8 @@ class ApplicationController < ActionController::Base
current_application_settings
.
after_sign_out_path
.
presence
||
new_user_session_path
end
def
abilities
Ability
.
abilities
end
def
can?
(
object
,
action
,
subject
)
abilities
.
allowed?
(
object
,
action
,
subject
)
Ability
.
allowed?
(
object
,
action
,
subject
)
end
def
access_denied!
...
...
app/finders/issuable_finder.rb
View file @
5853c96b
...
...
@@ -64,7 +64,7 @@ class IssuableFinder
if
project?
@project
=
Project
.
find
(
params
[
:project_id
])
unless
Ability
.
a
bilities
.
a
llowed?
(
current_user
,
:read_project
,
@project
)
unless
Ability
.
allowed?
(
current_user
,
:read_project
,
@project
)
@project
=
nil
end
else
...
...
app/finders/todos_finder.rb
View file @
5853c96b
...
...
@@ -83,7 +83,7 @@ class TodosFinder
if
project?
@project
=
Project
.
find
(
params
[
:project_id
])
unless
Ability
.
a
bilities
.
a
llowed?
(
current_user
,
:read_project
,
@project
)
unless
Ability
.
allowed?
(
current_user
,
:read_project
,
@project
)
@project
=
nil
end
else
...
...
app/mailers/base_mailer.rb
View file @
5853c96b
...
...
@@ -9,7 +9,7 @@ class BaseMailer < ActionMailer::Base
default
reply_to:
Proc
.
new
{
default_reply_to_address
.
format
}
def
can?
Ability
.
a
bilities
.
a
llowed?
(
current_user
,
action
,
subject
)
Ability
.
allowed?
(
current_user
,
action
,
subject
)
end
private
...
...
app/models/ability.rb
View file @
5853c96b
...
...
@@ -592,11 +592,6 @@ class Ability
[
:read_user
]
end
def
abilities
warn
'Ability.abilities is deprecated, use Ability.allowed?(user, action, subject) instead'
self
end
def
restricted_public_level?
current_application_settings
.
restricted_visibility_levels
.
include?
(
Gitlab
::
VisibilityLevel
::
PUBLIC
)
end
...
...
app/models/event.rb
View file @
5853c96b
...
...
@@ -65,7 +65,7 @@ class Event < ActiveRecord::Base
elsif
created_project?
true
elsif
issue?
||
issue_note?
Ability
.
a
bilities
.
a
llowed?
(
user
,
:read_issue
,
note?
?
note_target
:
target
)
Ability
.
allowed?
(
user
,
:read_issue
,
note?
?
note_target
:
target
)
else
((
merge_request?
||
note?
)
&&
target
.
present?
)
||
milestone?
end
...
...
app/models/merge_request.rb
View file @
5853c96b
...
...
@@ -411,7 +411,7 @@ class MergeRequest < ActiveRecord::Base
def
can_remove_source_branch?
(
current_user
)
!
source_project
.
protected_branch?
(
source_branch
)
&&
!
source_project
.
root_ref?
(
source_branch
)
&&
Ability
.
a
bilities
.
a
llowed?
(
current_user
,
:
push_code
,
source_project
)
&&
Ability
.
allowed?
(
current_user
,
:
push_code
,
source_project
)
&&
diff_head_commit
==
source_branch_head
end
...
...
app/models/user.rb
View file @
5853c96b
...
...
@@ -460,16 +460,12 @@ class User < ActiveRecord::Base
can?
(
:create_group
,
nil
)
end
def
abilities
Ability
.
abilities
end
def
can_select_namespace?
several_namespaces?
||
admin
end
def
can?
(
action
,
subject
)
abilities
.
allowed?
(
self
,
action
,
subject
)
Ability
.
allowed?
(
self
,
action
,
subject
)
end
def
first_name
...
...
app/services/base_service.rb
View file @
5853c96b
...
...
@@ -7,12 +7,8 @@ class BaseService
@project
,
@current_user
,
@params
=
project
,
user
,
params
.
dup
end
def
abilities
Ability
.
abilities
end
def
can?
(
object
,
action
,
subject
)
abilities
.
allowed?
(
object
,
action
,
subject
)
Ability
.
allowed?
(
object
,
action
,
subject
)
end
def
notification_service
...
...
lib/api/helpers.rb
View file @
5853c96b
...
...
@@ -148,7 +148,7 @@ module API
end
def
can?
(
object
,
action
,
subject
)
abilities
.
allowed?
(
object
,
action
,
subject
)
Ability
.
allowed?
(
object
,
action
,
subject
)
end
# Checks the occurrences of required attributes, each attribute must be present in the params hash
...
...
@@ -408,10 +408,6 @@ module API
links
.
join
(
', '
)
end
def
abilities
Ability
end
def
secret_token
File
.
read
(
Gitlab
.
config
.
gitlab_shell
.
secret_file
).
chomp
end
...
...
lib/banzai/reference_parser/base_parser.rb
View file @
5853c96b
...
...
@@ -211,7 +211,7 @@ module Banzai
end
def
can?
(
user
,
permission
,
subject
)
Ability
.
a
bilities
.
a
llowed?
(
user
,
permission
,
subject
)
Ability
.
allowed?
(
user
,
permission
,
subject
)
end
def
find_projects_for_hash_keys
(
hash
)
...
...
spec/controllers/projects/boards/issues_controller_spec.rb
View file @
5853c96b
...
...
@@ -41,8 +41,8 @@ describe Projects::Boards::IssuesController do
context
'with unauthorized user'
do
before
do
allow
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
project
).
and_return
(
true
)
allow
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
with
(
user
,
:read_issue
,
project
).
and_return
(
false
)
allow
(
Ability
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
project
).
and_return
(
true
)
allow
(
Ability
).
to
receive
(
:allowed?
).
with
(
user
,
:read_issue
,
project
).
and_return
(
false
)
end
it
'returns a successful 403 response'
do
...
...
spec/controllers/projects/boards/lists_controller_spec.rb
View file @
5853c96b
...
...
@@ -35,8 +35,8 @@ describe Projects::Boards::ListsController do
context
'with unauthorized user'
do
before
do
allow
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
project
).
and_return
(
true
)
allow
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
with
(
user
,
:read_list
,
project
).
and_return
(
false
)
allow
(
Ability
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
project
).
and_return
(
true
)
allow
(
Ability
).
to
receive
(
:allowed?
).
with
(
user
,
:read_list
,
project
).
and_return
(
false
)
end
it
'returns a successful 403 response'
do
...
...
spec/controllers/projects/boards_controller_spec.rb
View file @
5853c96b
...
...
@@ -23,8 +23,8 @@ describe Projects::BoardsController do
context
'with unauthorized user'
do
before
do
allow
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
project
).
and_return
(
true
)
allow
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
with
(
user
,
:read_board
,
project
).
and_return
(
false
)
allow
(
Ability
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
project
).
and_return
(
true
)
allow
(
Ability
).
to
receive
(
:allowed?
).
with
(
user
,
:read_board
,
project
).
and_return
(
false
)
end
it
'returns a successful 404 response'
do
...
...
spec/lib/banzai/reference_parser/base_parser_spec.rb
View file @
5853c96b
...
...
@@ -30,7 +30,7 @@ describe Banzai::ReferenceParser::BaseParser, lib: true do
it
'returns the nodes if the attribute value equals the current project ID'
do
link
[
'data-project'
]
=
project
.
id
.
to_s
expect
(
Ability
.
abilities
).
not_to
receive
(
:allowed?
)
expect
(
Ability
).
not_to
receive
(
:allowed?
)
expect
(
subject
.
nodes_visible_to_user
(
user
,
[
link
])).
to
eq
([
link
])
end
...
...
@@ -39,7 +39,7 @@ describe Banzai::ReferenceParser::BaseParser, lib: true do
link
[
'data-project'
]
=
other_project
.
id
.
to_s
expect
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
expect
(
Ability
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
other_project
).
and_return
(
true
)
...
...
@@ -57,7 +57,7 @@ describe Banzai::ReferenceParser::BaseParser, lib: true do
link
[
'data-project'
]
=
other_project
.
id
.
to_s
expect
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
expect
(
Ability
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
other_project
).
and_return
(
false
)
...
...
@@ -221,7 +221,7 @@ describe Banzai::ReferenceParser::BaseParser, lib: true do
it
'delegates the permissions check to the Ability class'
do
user
=
double
(
:user
)
expect
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
expect
(
Ability
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
project
)
subject
.
can?
(
user
,
:read_project
,
project
)
...
...
spec/lib/banzai/reference_parser/user_parser_spec.rb
View file @
5853c96b
...
...
@@ -82,7 +82,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do
end
it
'returns the nodes if the user can read the group'
do
expect
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
expect
(
Ability
).
to
receive
(
:allowed?
).
with
(
user
,
:read_group
,
group
).
and_return
(
true
)
...
...
@@ -90,7 +90,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do
end
it
'returns an empty Array if the user can not read the group'
do
expect
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
expect
(
Ability
).
to
receive
(
:allowed?
).
with
(
user
,
:read_group
,
group
).
and_return
(
false
)
...
...
@@ -103,7 +103,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do
it
'returns the nodes if the attribute value equals the current project ID'
do
link
[
'data-project'
]
=
project
.
id
.
to_s
expect
(
Ability
.
abilities
).
not_to
receive
(
:allowed?
)
expect
(
Ability
).
not_to
receive
(
:allowed?
)
expect
(
subject
.
nodes_visible_to_user
(
user
,
[
link
])).
to
eq
([
link
])
end
...
...
@@ -113,7 +113,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do
link
[
'data-project'
]
=
other_project
.
id
.
to_s
expect
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
expect
(
Ability
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
other_project
).
and_return
(
true
)
...
...
@@ -125,7 +125,7 @@ describe Banzai::ReferenceParser::UserParser, lib: true do
link
[
'data-project'
]
=
other_project
.
id
.
to_s
expect
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
expect
(
Ability
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
other_project
).
and_return
(
false
)
...
...
spec/models/members/project_member_spec.rb
View file @
5853c96b
...
...
@@ -71,8 +71,6 @@ describe ProjectMember, models: true do
describe
:import_team
do
before
do
@abilities
=
Ability
@project_1
=
create
:project
@project_2
=
create
:project
...
...
@@ -91,8 +89,8 @@ describe ProjectMember, models: true do
it
{
expect
(
@project_2
.
users
).
to
include
(
@user_1
)
}
it
{
expect
(
@project_2
.
users
).
to
include
(
@user_2
)
}
it
{
expect
(
@abilities
.
allowed?
(
@user_1
,
:create_project
,
@project_2
)).
to
be_truthy
}
it
{
expect
(
@abilities
.
allowed?
(
@user_2
,
:read_project
,
@project_2
)).
to
be_truthy
}
it
{
expect
(
Ability
.
allowed?
(
@user_1
,
:create_project
,
@project_2
)).
to
be_truthy
}
it
{
expect
(
Ability
.
allowed?
(
@user_2
,
:read_project
,
@project_2
)).
to
be_truthy
}
end
describe
'project 1 should not be changed'
do
...
...
spec/models/note_spec.rb
View file @
5853c96b
...
...
@@ -85,7 +85,6 @@ describe Note, models: true do
@u1
=
create
(
:user
)
@u2
=
create
(
:user
)
@u3
=
create
(
:user
)
@abilities
=
Ability
end
describe
'read'
do
...
...
@@ -94,9 +93,9 @@ describe Note, models: true do
@p2
.
project_members
.
create
(
user:
@u3
,
access_level:
ProjectMember
::
GUEST
)
end
it
{
expect
(
@abilities
.
allowed?
(
@u1
,
:read_note
,
@p1
)).
to
be_falsey
}
it
{
expect
(
@abilities
.
allowed?
(
@u2
,
:read_note
,
@p1
)).
to
be_truthy
}
it
{
expect
(
@abilities
.
allowed?
(
@u3
,
:read_note
,
@p1
)).
to
be_falsey
}
it
{
expect
(
Ability
.
allowed?
(
@u1
,
:read_note
,
@p1
)).
to
be_falsey
}
it
{
expect
(
Ability
.
allowed?
(
@u2
,
:read_note
,
@p1
)).
to
be_truthy
}
it
{
expect
(
Ability
.
allowed?
(
@u3
,
:read_note
,
@p1
)).
to
be_falsey
}
end
describe
'write'
do
...
...
@@ -105,9 +104,9 @@ describe Note, models: true do
@p2
.
project_members
.
create
(
user:
@u3
,
access_level:
ProjectMember
::
DEVELOPER
)
end
it
{
expect
(
@abilities
.
allowed?
(
@u1
,
:create_note
,
@p1
)).
to
be_falsey
}
it
{
expect
(
@abilities
.
allowed?
(
@u2
,
:create_note
,
@p1
)).
to
be_truthy
}
it
{
expect
(
@abilities
.
allowed?
(
@u3
,
:create_note
,
@p1
)).
to
be_falsey
}
it
{
expect
(
Ability
.
allowed?
(
@u1
,
:create_note
,
@p1
)).
to
be_falsey
}
it
{
expect
(
Ability
.
allowed?
(
@u2
,
:create_note
,
@p1
)).
to
be_truthy
}
it
{
expect
(
Ability
.
allowed?
(
@u3
,
:create_note
,
@p1
)).
to
be_falsey
}
end
describe
'admin'
do
...
...
@@ -117,9 +116,9 @@ describe Note, models: true do
@p2
.
project_members
.
create
(
user:
@u3
,
access_level:
ProjectMember
::
MASTER
)
end
it
{
expect
(
@abilities
.
allowed?
(
@u1
,
:admin_note
,
@p1
)).
to
be_falsey
}
it
{
expect
(
@abilities
.
allowed?
(
@u2
,
:admin_note
,
@p1
)).
to
be_truthy
}
it
{
expect
(
@abilities
.
allowed?
(
@u3
,
:admin_note
,
@p1
)).
to
be_falsey
}
it
{
expect
(
Ability
.
allowed?
(
@u1
,
:admin_note
,
@p1
)).
to
be_falsey
}
it
{
expect
(
Ability
.
allowed?
(
@u2
,
:admin_note
,
@p1
)).
to
be_truthy
}
it
{
expect
(
Ability
.
allowed?
(
@u3
,
:admin_note
,
@p1
)).
to
be_falsey
}
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment