deac/gitlabhq
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Security for online editor. Replace dev_access?, master_access? with can? method usage

Browse source
This commit is contained in:
randx 2012-10-21 12:12:14 +03:00
parent 5ec1ad8b23
commit 0189ee97ed
7 changed files with 56 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

8
app/helpers/tree_helper.rb
View file

@ -59,4 +59,12 @@ module TreeHelper
def tree_join(*args)
File.join(*args)
end
def allowed_tree_edit?
if @project.protected_branch? @ref
can?(current_user, :push_code_to_protected_branches, @project)
else
can?(current_user, :push_code, @project)
end
end
end