deac/gitlabhq
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Refactor abilities. Added ProjectUpdate context. Fixed few bugs with namespaces

Browse source
This commit is contained in:
Dmitriy Zaporozhets 2012-11-29 07:29:11 +03:00
parent a1ffc673b9
commit eb1004f789
18 changed files with 127 additions and 53 deletions
Download patch file Download diff file Expand all files Collapse all files

64
app/models/ability.rb
View file

@ -15,7 +15,37 @@ class Ability
def project_abilities(user, project)
rules = []
rules << [
# Rules based on role in project
if project.master_access_for?(user)
# TODO: replace with master rules.
# Only allow project administration for owners
rules << project_admin_rules
elsif project.dev_access_for?(user)
rules << project_dev_rules
elsif project.report_access_for?(user)
rules << project_report_rules
elsif project.guest_access_for?(user)
rules << project_guest_rules
end
# If user own project namespace (Ex. group owner or account owner)
if project.namespace && project.namespace.owner == user
rules << project_admin_rules
end
# If user was set as direct project owner
if project.owner == user
rules << project_admin_rules
end
rules.flatten
end
def project_guest_rules
[
:read_project,
:read_wiki,
:read_issue,
@ -27,28 +57,30 @@ class Ability
:write_project,
:write_issue,
:write_note
] if project.guest_access_for?(user)
]
end
rules << [
def project_report_rules
project_guest_rules + [
:download_code,
:write_merge_request,
:write_snippet
] if project.report_access_for?(user)
]
end
rules << [
def project_dev_rules
project_report_rules + [
:write_wiki,
:push_code
] if project.dev_access_for?(user)
]
end
rules << [
:push_code_to_protected_branches
] if project.master_access_for?(user)
rules << [
def project_master_rules
project_dev_rules + [
:push_code_to_protected_branches,
:modify_issue,
:modify_snippet,
:modify_merge_request,
:admin_project,
:admin_issue,
:admin_milestone,
:admin_snippet,
@ -57,9 +89,13 @@ class Ability
:admin_note,
:accept_mr,
:admin_wiki
] if project.master_access_for?(user) || project.owner == user
]
end
rules.flatten
def project_admin_rules
project_master_rules + [
:admin_project
]
end
def group_abilities user, group

4
app/models/group.rb
View file

@ -13,7 +13,9 @@
class Group < Namespace
def users
User.joins(:users_projects).where(users_projects: {project_id: project_ids}).uniq
users = User.joins(:users_projects).where(users_projects: {project_id: project_ids})
users = users << owner
users.uniq
end
def human_name

12
app/models/namespace.rb
View file

@ -53,12 +53,14 @@ class Namespace < ActiveRecord::Base
end
def move_dir
old_path = File.join(Gitlab.config.git_base_path, path_was)
new_path = File.join(Gitlab.config.git_base_path, path)
if File.exists?(new_path)
raise "Already exists"
if path_changed?
old_path = File.join(Gitlab.config.git_base_path, path_was)
new_path = File.join(Gitlab.config.git_base_path, path)
if File.exists?(new_path)
raise "Already exists"
end
system("mv #{old_path} #{new_path}")
end
system("mv #{old_path} #{new_path}")
end
def rm_dir

2
app/models/project.rb
View file

@ -29,7 +29,7 @@ class Project < ActiveRecord::Base
attr_accessible :name, :path, :description, :default_branch, :issues_enabled,
:wall_enabled, :merge_requests_enabled, :wiki_enabled, as: [:default, :admin]
attr_accessible :namespace_id, as: :admin
attr_accessible :namespace_id, :owner_id, as: :admin
attr_accessor :error_code

7
app/models/user.rb
View file

@ -123,4 +123,11 @@ class User < ActiveRecord::Base
self.password = self.password_confirmation = Devise.friendly_token.first(8)
end
end
def accessed_groups
@accessed_groups ||= begin
groups = Group.where(id: self.projects.pluck(:namespace_id)).all
groups + self.groups
end
end
end