BigW Consortium Gitlab
Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
G
gitlab-ce
Project
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
Registry
Registry
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Commits
Issue Boards
Open sidebar
Forest Godfrey
gitlab-ce
Commits
62f6601c
Commit
62f6601c
authored
Apr 15, 2016
by
Felipe Artur
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Show project members only for members
parent
17b60d68
Show whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
49 additions
and
3 deletions
+49
-3
project_members_controller.rb
app/controllers/projects/project_members_controller.rb
+6
-1
projects_helper.rb
app/helpers/projects_helper.rb
+4
-0
ability.rb
app/models/ability.rb
+11
-1
_project.html.haml
app/views/layouts/nav/_project.html.haml
+1
-1
project_members_controller_spec.rb
spec/controllers/projects/project_members_controller_spec.rb
+27
-0
No files found.
app/controllers/projects/project_members_controller.rb
View file @
62f6601c
class
Projects
::
ProjectMembersController
<
Projects
::
ApplicationController
# Authorize
before_action
:authorize_admin_project_member!
,
except: :leave
before_action
:authorize_admin_project_member!
,
except:
[
:leave
,
:index
]
before_action
:authorize_read_members_list!
,
only:
[
:index
]
def
index
@project_members
=
@project
.
project_members
...
...
@@ -112,4 +113,8 @@ class Projects::ProjectMembersController < Projects::ApplicationController
def
member_params
params
.
require
(
:project_member
).
permit
(
:user_id
,
:access_level
)
end
def
authorize_read_members_list!
render_403
unless
can?
(
current_user
,
:read_members_list
,
@project
)
end
end
app/helpers/projects_helper.rb
View file @
62f6601c
...
...
@@ -144,6 +144,10 @@ module ProjectsHelper
nav_tabs
<<
:settings
end
if
can?
(
current_user
,
:read_members_list
,
project
)
nav_tabs
<<
:team
end
if
can?
(
current_user
,
:read_issue
,
project
)
nav_tabs
<<
:issues
end
...
...
app/models/ability.rb
View file @
62f6601c
...
...
@@ -154,9 +154,17 @@ class Ability
end
end
def
project_member_rules
(
team
,
user
)
all_members_rules
=
[]
#Rules only for members which does not include public behavior
all_members_rules
<<
:read_members_list
if
team
.
members
.
include?
(
user
)
all_members_rules
end
def
project_team_rules
(
team
,
user
)
# Rules based on role in project
if
team
.
master?
(
user
)
filtered_rules
=
if
team
.
master?
(
user
)
project_master_rules
elsif
team
.
developer?
(
user
)
project_dev_rules
...
...
@@ -165,6 +173,8 @@ class Ability
elsif
team
.
guest?
(
user
)
project_guest_rules
end
Array
(
filtered_rules
)
+
project_member_rules
(
team
,
user
)
end
def
public_project_rules
...
...
app/views/layouts/nav/_project.html.haml
View file @
62f6601c
...
...
@@ -77,7 +77,7 @@
Merge Requests
%span
.count.merge_counter
=
number_with_delimiter
(
@project
.
merge_requests
.
opened
.
count
)
-
if
project_nav_tab?
:
settings
-
if
project_nav_tab?
:
team
=
nav_link
(
controller:
[
:project_members
,
:teams
])
do
=
link_to
namespace_project_project_members_path
(
@project
.
namespace
,
@project
),
title:
'Members'
,
class:
'team-tab tab'
do
=
icon
(
'users fw'
)
...
...
spec/controllers/projects/project_members_controller_spec.rb
View file @
62f6601c
...
...
@@ -46,4 +46,31 @@ describe Projects::ProjectMembersController do
end
end
end
describe
'index'
do
let
(
:project
)
{
create
(
:project
,
:internal
)
}
context
'when user is member'
do
let
(
:member
)
{
create
(
:user
)
}
before
do
project
.
team
<<
[
member
,
:guest
]
sign_in
(
member
)
get
:index
,
namespace_id:
project
.
namespace
.
to_param
,
project_id:
project
.
to_param
end
it
{
expect
(
response
.
status
).
to
eq
(
200
)
}
end
context
'when user is not member'
do
let
(
:not_member
)
{
create
(
:user
)
}
before
do
sign_in
(
not_member
)
get
:index
,
namespace_id:
project
.
namespace
.
to_param
,
project_id:
project
.
to_param
end
it
{
expect
(
response
.
status
).
to
eq
(
403
)
}
end
end
end
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment