BigW Consortium Gitlab

Commit fffbc369 by Douwe Maan

Merge branch 'rs-issue-2092' into 'master'

Dynamically check `:admin_*` ability in two more spots. Closes #2092 Depends on !1037 See merge request !1042
parents 71a8c780 b9b2d086
...@@ -159,6 +159,16 @@ module Issuable ...@@ -159,6 +159,16 @@ module Issuable
end end
end end
# Convert this Issuable class name to a format usable by Ability definitions
#
# Examples:
#
# issuable.class # => MergeRequest
# issuable.to_ability_name # => "merge_request"
def to_ability_name
self.class.to_s.underscore
end
private private
def filter_superceded_votes(votes, notes) def filter_superceded_votes(votes, notes)
......
...@@ -27,8 +27,10 @@ class IssuableBaseService < BaseService ...@@ -27,8 +27,10 @@ class IssuableBaseService < BaseService
old_branch, new_branch) old_branch, new_branch)
end end
def filter_params def filter_params(issuable_ability_name = :issue)
unless can?(current_user, :admin_issue, project) ability = :"admin_#{issuable_ability_name}"
unless can?(current_user, ability, project)
params.delete(:milestone_id) params.delete(:milestone_id)
params.delete(:label_ids) params.delete(:label_ids)
params.delete(:assignee_id) params.delete(:assignee_id)
......
...@@ -10,6 +10,10 @@ module Issues ...@@ -10,6 +10,10 @@ module Issues
private private
def filter_params
super(:issue)
end
def execute_hooks(issue, action = 'open') def execute_hooks(issue, action = 'open')
issue_data = hook_data(issue, action) issue_data = hook_data(issue, action)
issue.project.execute_hooks(issue_data, :issue_hooks) issue.project.execute_hooks(issue_data, :issue_hooks)
......
...@@ -20,5 +20,11 @@ module MergeRequests ...@@ -20,5 +20,11 @@ module MergeRequests
merge_request.project.execute_services(merge_data, :merge_request_hooks) merge_request.project.execute_services(merge_data, :merge_request_hooks)
end end
end end
private
def filter_params
super(:merge_request)
end
end end
end end
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
- else - else
none none
.issuable-context-selectbox .issuable-context-selectbox
- if can?(current_user, :"admin_#{issuable.class.to_s.underscore}", @project) - if can?(current_user, :"admin_#{issuable.to_ability_name}", @project)
= users_select_tag("#{issuable.class.table_name.singularize}[assignee_id]", placeholder: 'Select assignee', class: 'custom-form-control js-select2 js-assignee', selected: issuable.assignee_id, project: @target_project, null_user: true) = users_select_tag("#{issuable.class.table_name.singularize}[assignee_id]", placeholder: 'Select assignee', class: 'custom-form-control js-select2 js-assignee', selected: issuable.assignee_id, project: @target_project, null_user: true)
%div.prepend-top-20.clearfix %div.prepend-top-20.clearfix
...@@ -24,7 +24,7 @@ ...@@ -24,7 +24,7 @@
- else - else
none none
.issuable-context-selectbox .issuable-context-selectbox
- if can?(current_user, :"admin_#{issuable.class.to_s.underscore}", @project) - if can?(current_user, :"admin_#{issuable.to_ability_name}", @project)
= f.select(:milestone_id, milestone_options(issuable), { include_blank: 'Select milestone' }, {class: 'select2 select2-compact js-select2 js-milestone'}) = f.select(:milestone_id, milestone_options(issuable), { include_blank: 'Select milestone' }, {class: 'select2 select2-compact js-select2 js-milestone'})
= hidden_field_tag :issuable_context = hidden_field_tag :issuable_context
= f.submit class: 'btn hide' = f.submit class: 'btn hide'
......
...@@ -38,7 +38,7 @@ ...@@ -38,7 +38,7 @@
.clearfix .clearfix
.error-alert .error-alert
%hr %hr
- if can?(current_user, :admin_issue, @project) - if can?(current_user, :"admin_#{issuable.to_ability_name}", @project)
.form-group .form-group
.issue-assignee .issue-assignee
= f.label :assignee_id, class: 'control-label' do = f.label :assignee_id, class: 'control-label' do
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment