BigW Consortium Gitlab

Commit a18ac627 by Felipe Artur

Block internal groups/projects visibility to external users

parent 44c12744
...@@ -11,7 +11,7 @@ class ContributedProjectsFinder ...@@ -11,7 +11,7 @@ class ContributedProjectsFinder
# #
# Returns an ActiveRecord::Relation. # Returns an ActiveRecord::Relation.
def execute(current_user = nil) def execute(current_user = nil)
if current_user if current_user && !current_user.external?
relation = projects_visible_to_user(current_user) relation = projects_visible_to_user(current_user)
else else
relation = public_projects relation = public_projects
......
...@@ -12,7 +12,7 @@ class JoinedGroupsFinder ...@@ -12,7 +12,7 @@ class JoinedGroupsFinder
# #
# Returns an ActiveRecord::Relation. # Returns an ActiveRecord::Relation.
def execute(current_user = nil) def execute(current_user = nil)
if current_user if current_user && !current_user.external?
relation = groups_visible_to_user(current_user) relation = groups_visible_to_user(current_user)
else else
relation = public_groups relation = public_groups
......
...@@ -11,7 +11,7 @@ class PersonalProjectsFinder ...@@ -11,7 +11,7 @@ class PersonalProjectsFinder
# #
# Returns an ActiveRecord::Relation. # Returns an ActiveRecord::Relation.
def execute(current_user = nil) def execute(current_user = nil)
if current_user if current_user && !current_user.external?
relation = projects_visible_to_user(current_user) relation = projects_visible_to_user(current_user)
else else
relation = public_projects relation = public_projects
......
...@@ -295,8 +295,11 @@ class Ability ...@@ -295,8 +295,11 @@ class Ability
end end
def can_read_group?(user, group) def can_read_group?(user, group)
user.admin? || group.public? || group.internal? || group.users.include?(user) || if user.external?
ProjectsFinder.new.execute(user, group: group).any? group.public? || ProjectsFinder.new.execute(user, group: group).any?
else
user.admin? || group.public? || group.internal? || group.users.include?(user) || ProjectsFinder.new.execute(user, group: group).any?
end
end end
def namespace_abilities(user, namespace) def namespace_abilities(user, namespace)
......
...@@ -777,9 +777,9 @@ ActiveRecord::Schema.define(version: 20160314143402) do ...@@ -777,9 +777,9 @@ ActiveRecord::Schema.define(version: 20160314143402) do
t.string "type" t.string "type"
t.string "title" t.string "title"
t.integer "project_id" t.integer "project_id"
t.datetime "created_at" t.datetime "created_at", null: false
t.datetime "updated_at" t.datetime "updated_at", null: false
t.boolean "active", default: false, null: false t.boolean "active", null: false
t.text "properties" t.text "properties"
t.boolean "template", default: false t.boolean "template", default: false
t.boolean "push_events", default: true t.boolean "push_events", default: true
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment