Security for online editor. Replace dev_access?, master_access? with can? method usage
This commit is contained in:
randx
parent
5ec1ad8b23
commit
0189ee97ed
7 changed files with 56 additions and 18 deletions
|
|
@ -53,6 +53,6 @@ module Authority
|
|||
end
|
||||
|
||||
def master_access_for?(user)
|
||||
!users_projects.where(user_id: user.id, project_access: [UsersProject::MASTER]).empty? || owner_id == user.id
|
||||
!users_projects.where(user_id: user.id, project_access: [UsersProject::MASTER]).empty?
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -181,4 +181,9 @@ module Repository
|
|||
def http_url_to_repo
|
||||
http_url = [Gitlab.config.url, "/", path, ".git"].join('')
|
||||
end
|
||||
|
||||
# Check if current branch name is marked as protected in the system
|
||||
def protected_branch? branch_name
|
||||
protected_branches.map(&:name).include?(branch_name)
|
||||
end
|
||||
end
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue