Add ability rule for creating project in namespace

Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>

Add ability rule for creating project in namespace
aea79b80 · Dmitriy Zaporozhets · aca6be50 · aea79b80 · aea79b80 · aea79b80
Unverified Commit aea79b80 authored May 28, 2014 by Dmitriy Zaporozhets
Hide whitespace changes
Inline Side-by-side

Showing with 15 additions and 5 deletions

ability.rb app/models/ability.rb +8 -0

group.rb app/models/group.rb +5 -1

project.rb app/models/project.rb +0 -4

user.rb app/models/user.rb +2 -0

No files found.
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -188,6 +188,13 @@ class Ability
        rules << :read_group
      end

+      # Only group masters and group owners can create new projects in group
+      if group.has_master?(user) || group.has_owner?(user) || user.admin?
+        rules += [
+          :create_projects,
+        ]
+      end
+
      # Only group owner and administrators can manage group
      if group.has_owner?(user) || user.admin?
        rules += [
@@ -205,6 +212,7 @@ class Ability
      # Only namespace owner and administrators can manage it
      if namespace.owner == user || user.admin?
        rules += [
+          :create_projects,
          :manage_namespace
        ]
      end

--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -26,7 +26,7 @@ class Group < Namespace
  validates :avatar, file_size: { maximum: 100.kilobytes.to_i }

  mount_uploader :avatar, AttachmentUploader
-  
+
  def self.accessible_to(user)
    accessible_ids = Project.accessible_to(user).pluck(:namespace_id)
    accessible_ids += user.groups.pluck(:id) if user
@@ -60,6 +60,10 @@ class Group < Namespace
    owners.include?(user)
  end

+  def has_master?(user)
+    members.masters.where(user_id: user).any?
+  end
+
  def last_owner?(user)
    has_owner?(user) && owners.size == 1
  end

--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -387,10 +387,6 @@ class Project < ActiveRecord::Base
    end
  end

-  def transfer(new_namespace)
-    ProjectTransferService.new.transfer(self, new_namespace)
-  end
-
  def execute_hooks(data, hooks_scope = :push_hooks)
    hooks.send(hooks_scope).each do |hook|
      hook.async_execute(data)

--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -90,6 +90,8 @@ class User < ActiveRecord::Base
  has_many :users_groups, dependent: :destroy
  has_many :groups, through: :users_groups
  has_many :owned_groups, -> { where users_groups: { group_access: UsersGroup::OWNER } }, through: :users_groups, source: :group
+  has_many :masters_groups, -> { where users_groups: { group_access: UsersGroup::MASTER } }, through: :users_groups, source: :group
+
  # Projects
  has_many :groups_projects,          through: :groups, source: :projects
  has_many :personal_projects,        through: :namespace, source: :projects