debian-mirror-gitlab/app/policies/issuable_policy.rb

65 lines
1.7 KiB
Ruby
Raw Normal View History

2018-11-18 11:00:15 +05:30
# frozen_string_literal: true
2016-09-29 09:46:39 +05:30
class IssuablePolicy < BasePolicy
2017-09-10 17:25:29 +05:30
delegate { @subject.project }
2016-09-29 09:46:39 +05:30
2018-03-17 18:26:18 +05:30
condition(:locked, scope: :subject, score: 0) { @subject.discussion_locked? }
condition(:is_project_member) { @user && @subject.project && @subject.project.team.member?(@user) }
2022-10-11 01:57:18 +05:30
condition(:can_read_issuable) { can?(:"read_#{@subject.to_ability_name}") }
2018-03-17 18:26:18 +05:30
2017-09-10 17:25:29 +05:30
desc "User is the assignee or author"
condition(:assignee_or_author) do
@user && @subject.assignee_or_author?(@user)
end
2016-09-29 09:46:39 +05:30
2021-10-29 20:43:33 +05:30
condition(:is_author) { @subject&.author == @user }
2022-07-23 23:45:48 +05:30
condition(:is_incident) { @subject.incident? }
rule { can?(:guest_access) & assignee_or_author & ~is_incident }.policy do
2017-09-10 17:25:29 +05:30
enable :read_issue
enable :update_issue
2018-11-20 20:47:30 +05:30
enable :reopen_issue
2021-12-07 22:27:20 +05:30
end
rule { can?(:read_merge_request) & assignee_or_author }.policy do
2017-09-10 17:25:29 +05:30
enable :update_merge_request
2019-07-07 11:18:12 +05:30
enable :reopen_merge_request
2016-09-29 09:46:39 +05:30
end
2018-03-17 18:26:18 +05:30
2021-10-29 20:43:33 +05:30
rule { is_author }.policy do
enable :resolve_note
end
2018-03-17 18:26:18 +05:30
rule { locked & ~is_project_member }.policy do
prevent :create_note
prevent :admin_note
prevent :resolve_note
2020-11-24 15:15:51 +05:30
prevent :award_emoji
2018-03-17 18:26:18 +05:30
end
2022-07-16 23:28:13 +05:30
rule { can?(:read_issue) }.policy do
enable :read_incident_management_timeline_event
end
rule { can?(:read_issue) & can?(:developer_access) }.policy do
enable :admin_incident_management_timeline_event
end
2022-08-27 11:52:29 +05:30
rule { can?(:reporter_access) }.policy do
enable :create_timelog
end
2022-10-11 01:57:18 +05:30
rule { can_read_issuable }.policy do
enable :read_issuable
2022-11-25 23:54:43 +05:30
enable :read_issuable_participables
end
# This rule replicates permissions in NotePolicy#can_read_confidential
rule { can?(:reporter_access) | assignee_or_author | admin }.policy do
enable :read_internal_note
2022-10-11 01:57:18 +05:30
end
2016-09-29 09:46:39 +05:30
end
2021-02-22 17:27:13 +05:30
2021-06-08 01:23:25 +05:30
IssuablePolicy.prepend_mod_with('IssuablePolicy')