BigW Consortium Gitlab
Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gitlab-ce
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Forest Godfrey
gitlab-ce
Commits
62f6601c
Commit
62f6601c
authored
Apr 15, 2016
by
Felipe Artur
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Show project members only for members
parent
17b60d68
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
49 additions
and
3 deletions
+49
-3
project_members_controller.rb
app/controllers/projects/project_members_controller.rb
+6
-1
projects_helper.rb
app/helpers/projects_helper.rb
+4
-0
ability.rb
app/models/ability.rb
+11
-1
_project.html.haml
app/views/layouts/nav/_project.html.haml
+1
-1
project_members_controller_spec.rb
spec/controllers/projects/project_members_controller_spec.rb
+27
-0
No files found.
app/controllers/projects/project_members_controller.rb
View file @
62f6601c
class
Projects
::
ProjectMembersController
<
Projects
::
ApplicationController
class
Projects
::
ProjectMembersController
<
Projects
::
ApplicationController
# Authorize
# Authorize
before_action
:authorize_admin_project_member!
,
except: :leave
before_action
:authorize_admin_project_member!
,
except:
[
:leave
,
:index
]
before_action
:authorize_read_members_list!
,
only:
[
:index
]
def
index
def
index
@project_members
=
@project
.
project_members
@project_members
=
@project
.
project_members
...
@@ -112,4 +113,8 @@ class Projects::ProjectMembersController < Projects::ApplicationController
...
@@ -112,4 +113,8 @@ class Projects::ProjectMembersController < Projects::ApplicationController
def
member_params
def
member_params
params
.
require
(
:project_member
).
permit
(
:user_id
,
:access_level
)
params
.
require
(
:project_member
).
permit
(
:user_id
,
:access_level
)
end
end
def
authorize_read_members_list!
render_403
unless
can?
(
current_user
,
:read_members_list
,
@project
)
end
end
end
app/helpers/projects_helper.rb
View file @
62f6601c
...
@@ -144,6 +144,10 @@ module ProjectsHelper
...
@@ -144,6 +144,10 @@ module ProjectsHelper
nav_tabs
<<
:settings
nav_tabs
<<
:settings
end
end
if
can?
(
current_user
,
:read_members_list
,
project
)
nav_tabs
<<
:team
end
if
can?
(
current_user
,
:read_issue
,
project
)
if
can?
(
current_user
,
:read_issue
,
project
)
nav_tabs
<<
:issues
nav_tabs
<<
:issues
end
end
...
...
app/models/ability.rb
View file @
62f6601c
...
@@ -154,9 +154,17 @@ class Ability
...
@@ -154,9 +154,17 @@ class Ability
end
end
end
end
def
project_member_rules
(
team
,
user
)
all_members_rules
=
[]
#Rules only for members which does not include public behavior
all_members_rules
<<
:read_members_list
if
team
.
members
.
include?
(
user
)
all_members_rules
end
def
project_team_rules
(
team
,
user
)
def
project_team_rules
(
team
,
user
)
# Rules based on role in project
# Rules based on role in project
if
team
.
master?
(
user
)
filtered_rules
=
if
team
.
master?
(
user
)
project_master_rules
project_master_rules
elsif
team
.
developer?
(
user
)
elsif
team
.
developer?
(
user
)
project_dev_rules
project_dev_rules
...
@@ -165,6 +173,8 @@ class Ability
...
@@ -165,6 +173,8 @@ class Ability
elsif
team
.
guest?
(
user
)
elsif
team
.
guest?
(
user
)
project_guest_rules
project_guest_rules
end
end
Array
(
filtered_rules
)
+
project_member_rules
(
team
,
user
)
end
end
def
public_project_rules
def
public_project_rules
...
...
app/views/layouts/nav/_project.html.haml
View file @
62f6601c
...
@@ -77,7 +77,7 @@
...
@@ -77,7 +77,7 @@
Merge Requests
Merge Requests
%span
.count.merge_counter
=
number_with_delimiter
(
@project
.
merge_requests
.
opened
.
count
)
%span
.count.merge_counter
=
number_with_delimiter
(
@project
.
merge_requests
.
opened
.
count
)
-
if
project_nav_tab?
:
settings
-
if
project_nav_tab?
:
team
=
nav_link
(
controller:
[
:project_members
,
:teams
])
do
=
nav_link
(
controller:
[
:project_members
,
:teams
])
do
=
link_to
namespace_project_project_members_path
(
@project
.
namespace
,
@project
),
title:
'Members'
,
class:
'team-tab tab'
do
=
link_to
namespace_project_project_members_path
(
@project
.
namespace
,
@project
),
title:
'Members'
,
class:
'team-tab tab'
do
=
icon
(
'users fw'
)
=
icon
(
'users fw'
)
...
...
spec/controllers/projects/project_members_controller_spec.rb
View file @
62f6601c
...
@@ -46,4 +46,31 @@ describe Projects::ProjectMembersController do
...
@@ -46,4 +46,31 @@ describe Projects::ProjectMembersController do
end
end
end
end
end
end
describe
'index'
do
let
(
:project
)
{
create
(
:project
,
:internal
)
}
context
'when user is member'
do
let
(
:member
)
{
create
(
:user
)
}
before
do
project
.
team
<<
[
member
,
:guest
]
sign_in
(
member
)
get
:index
,
namespace_id:
project
.
namespace
.
to_param
,
project_id:
project
.
to_param
end
it
{
expect
(
response
.
status
).
to
eq
(
200
)
}
end
context
'when user is not member'
do
let
(
:not_member
)
{
create
(
:user
)
}
before
do
sign_in
(
not_member
)
get
:index
,
namespace_id:
project
.
namespace
.
to_param
,
project_id:
project
.
to_param
end
it
{
expect
(
response
.
status
).
to
eq
(
403
)
}
end
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment