Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
c35277ca
Commit
c35277ca
authored
Apr 21, 2021
by
Sean Arnold
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Allow project members who are owners permissions
Changelog: fixed
parent
e3a22f2d
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
20 additions
and
1 deletion
+20
-1
app/policies/project_member_policy.rb
app/policies/project_member_policy.rb
+5
-1
changelogs/unreleased/327814-allow-project-owner-as-member.yml
...elogs/unreleased/327814-allow-project-owner-as-member.yml
+5
-0
spec/policies/project_member_policy_spec.rb
spec/policies/project_member_policy_spec.rb
+10
-0
No files found.
app/policies/project_member_policy.rb
View file @
c35277ca
...
@@ -8,7 +8,11 @@ class ProjectMemberPolicy < BasePolicy
...
@@ -8,7 +8,11 @@ class ProjectMemberPolicy < BasePolicy
condition
(
:project_bot
)
{
@subject
.
user
&
.
project_bot?
}
condition
(
:project_bot
)
{
@subject
.
user
&
.
project_bot?
}
rule
{
anonymous
}.
prevent_all
rule
{
anonymous
}.
prevent_all
rule
{
target_is_owner
}.
prevent_all
rule
{
target_is_owner
}.
policy
do
prevent
:update_project_member
prevent
:destroy_project_member
end
rule
{
~
project_bot
&
can?
(
:admin_project_member
)
}.
policy
do
rule
{
~
project_bot
&
can?
(
:admin_project_member
)
}.
policy
do
enable
:update_project_member
enable
:update_project_member
...
...
changelogs/unreleased/327814-allow-project-owner-as-member.yml
0 → 100644
View file @
c35277ca
---
title
:
Fix restrictive permissions for ProjectMembers who are owners
merge_request
:
59844
author
:
type
:
fixed
spec/policies/project_member_policy_spec.rb
View file @
c35277ca
...
@@ -16,12 +16,22 @@ RSpec.describe ProjectMemberPolicy do
...
@@ -16,12 +16,22 @@ RSpec.describe ProjectMemberPolicy do
context
'with regular member'
do
context
'with regular member'
do
let
(
:member_user
)
{
create
(
:user
)
}
let
(
:member_user
)
{
create
(
:user
)
}
it
{
is_expected
.
to
be_allowed
(
:read_project
)
}
it
{
is_expected
.
to
be_allowed
(
:update_project_member
)
}
it
{
is_expected
.
to
be_allowed
(
:update_project_member
)
}
it
{
is_expected
.
to
be_allowed
(
:destroy_project_member
)
}
it
{
is_expected
.
to
be_allowed
(
:destroy_project_member
)
}
it
{
is_expected
.
not_to
be_allowed
(
:destroy_project_bot_member
)
}
it
{
is_expected
.
not_to
be_allowed
(
:destroy_project_bot_member
)
}
end
end
context
'when user is project owner'
do
let
(
:member_user
)
{
project
.
owner
}
let
(
:member
)
{
project
.
members
.
find_by!
(
user:
member_user
)
}
it
{
is_expected
.
to
be_allowed
(
:read_project
)
}
it
{
is_expected
.
to
be_disallowed
(
:update_project_member
)
}
it
{
is_expected
.
to
be_disallowed
(
:destroy_project_member
)
}
end
context
'with a bot member'
do
context
'with a bot member'
do
let
(
:member_user
)
{
create
(
:user
,
:project_bot
)
}
let
(
:member_user
)
{
create
(
:user
,
:project_bot
)
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment