debian-mirror-gitlab/app/policies/issue_policy.rb

33 lines
814 B
Ruby
Raw Normal View History

2016-09-29 09:46:39 +05:30
class IssuePolicy < IssuablePolicy
2016-11-24 13:41:30 +05:30
# This class duplicates the same check of Issue#readable_by? for performance reasons
# Make sure to sync this class checks with issue.rb to avoid security problems.
# Check commit 002ad215818450d2cbbc5fa065850a953dc7ada8 for more information.
2016-09-29 09:46:39 +05:30
def issue
@subject
end
def rules
super
if @subject.confidential? && !can_read_confidential?
cannot! :read_issue
cannot! :admin_issue
cannot! :update_issue
cannot! :read_issue
end
end
private
def can_read_confidential?
return false unless @user
return true if @user.admin?
return true if @subject.author == @user
return true if @subject.assignee == @user
return true if @subject.project.team.member?(@user, Gitlab::Access::REPORTER)
false
end
end