Commit b6aa0b98 authored by Nick Thomas's avatar Nick Thomas

Fix conflicts in policies

parent 571e9fdd
<<<<<<< HEAD
require 'declarative_policy'
=======
require_dependency 'declarative_policy' require_dependency 'declarative_policy'
>>>>>>> ce/master
class BasePolicy < DeclarativePolicy::Base class BasePolicy < DeclarativePolicy::Base
desc "User is an instance admin" desc "User is an instance admin"
...@@ -14,7 +10,6 @@ class BasePolicy < DeclarativePolicy::Base ...@@ -14,7 +10,6 @@ class BasePolicy < DeclarativePolicy::Base
with_options scope: :user, score: 0 with_options scope: :user, score: 0
condition(:can_create_group) { @user&.can_create_group } condition(:can_create_group) { @user&.can_create_group }
<<<<<<< HEAD
# EE Extensions # EE Extensions
with_scope :user with_scope :user
...@@ -25,6 +20,4 @@ class BasePolicy < DeclarativePolicy::Base ...@@ -25,6 +20,4 @@ class BasePolicy < DeclarativePolicy::Base
with_scope :global with_scope :global
condition(:license_block) { License.block_changes? } condition(:license_block) { License.block_changes? }
=======
>>>>>>> ce/master
end end
class GroupPolicy < BasePolicy class GroupPolicy < BasePolicy
<<<<<<< HEAD
prepend EE::GroupPolicy prepend EE::GroupPolicy
=======
>>>>>>> ce/master
desc "Group is public" desc "Group is public"
with_options scope: :subject, score: 0 with_options scope: :subject, score: 0
condition(:public_group) { @subject.public? } condition(:public_group) { @subject.public? }
with_score 0 with_score 0
condition(:logged_in_viewable) { @user && @subject.internal? && !@user.external? } condition(:logged_in_viewable) { @user && @subject.internal? && !@user.external? }
<<<<<<< HEAD
condition(:has_access) { access_level != GroupMember::NO_ACCESS } condition(:has_access) { access_level != GroupMember::NO_ACCESS }
...@@ -19,16 +15,6 @@ class GroupPolicy < BasePolicy ...@@ -19,16 +15,6 @@ class GroupPolicy < BasePolicy
condition(:master) { access_level >= GroupMember::MASTER } condition(:master) { access_level >= GroupMember::MASTER }
condition(:reporter) { access_level >= GroupMember::REPORTER } condition(:reporter) { access_level >= GroupMember::REPORTER }
=======
condition(:has_access) { access_level != GroupMember::NO_ACCESS }
condition(:guest) { access_level >= GroupMember::GUEST }
condition(:owner) { access_level >= GroupMember::OWNER }
condition(:master) { access_level >= GroupMember::MASTER }
condition(:reporter) { access_level >= GroupMember::REPORTER }
>>>>>>> ce/master
condition(:has_projects) do condition(:has_projects) do
GroupProjectsFinder.new(group: @subject, current_user: @user).execute.any? GroupProjectsFinder.new(group: @subject, current_user: @user).execute.any?
end end
......
class ProjectPolicy < BasePolicy class ProjectPolicy < BasePolicy
<<<<<<< HEAD
prepend EE::ProjectPolicy prepend EE::ProjectPolicy
def self.create_read_update_admin(name) def self.create_read_update_admin(name)
...@@ -30,36 +29,6 @@ class ProjectPolicy < BasePolicy ...@@ -30,36 +29,6 @@ class ProjectPolicy < BasePolicy
desc "User has reporter access" desc "User has reporter access"
condition(:reporter) { team_access_level >= Gitlab::Access::REPORTER } condition(:reporter) { team_access_level >= Gitlab::Access::REPORTER }
=======
def self.create_read_update_admin(name)
[
:"create_#{name}",
:"read_#{name}",
:"update_#{name}",
:"admin_#{name}"
]
end
desc "User is a project owner"
condition :owner do
@user && project.owner == @user || (project.group && project.group.has_owner?(@user))
end
desc "Project has public builds enabled"
condition(:public_builds, scope: :subject) { project.public_builds? }
# For guest access we use #is_team_member? so we can use
# project.members, which gets cached in subject scope.
# This is safe because team_access_level is guaranteed
# by ProjectAuthorization's validation to be at minimum
# GUEST
desc "User has guest access"
condition(:guest) { is_team_member? }
desc "User has reporter access"
condition(:reporter) { team_access_level >= Gitlab::Access::REPORTER }
>>>>>>> ce/master
desc "User has developer access" desc "User has developer access"
condition(:developer) { team_access_level >= Gitlab::Access::DEVELOPER } condition(:developer) { team_access_level >= Gitlab::Access::DEVELOPER }
......
...@@ -27,10 +27,7 @@ class ProjectSnippetPolicy < BasePolicy ...@@ -27,10 +27,7 @@ class ProjectSnippetPolicy < BasePolicy
all?(private_snippet | (internal & external_user), all?(private_snippet | (internal & external_user),
~project.guest, ~project.guest,
~admin, ~admin,
<<<<<<< HEAD
~auditor, ~auditor,
=======
>>>>>>> ce/master
~is_author) ~is_author)
end.prevent :read_project_snippet end.prevent :read_project_snippet
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment