spec/policies · 179a1ee7c669e758f8dc9fb5e9c8f2563012a6e1 · Forest Godfrey / gitlab-ce

Allows `access_(git|api)` to anonymous users · d801dd17

authored May 09, 2018

The `access_git` and `access_api` were currently never checked for
anonymous users. And they would also be allowed access:

  An anonymous user can clone and pull from a public repo

  An anonymous user can request public information from the API

So the policy didn't actually reflect what we were enforcing.

d801dd17

Name	Last commit	Last update
..
application_setting		Loading commit data...
ci		Loading commit data...
clusters		Loading commit data...
base_policy_spec.rb		Loading commit data...
deploy_key_policy_spec.rb		Loading commit data...
deploy_token_policy_spec.rb		Loading commit data...
environment_policy_spec.rb		Loading commit data...
global_policy_spec.rb		Loading commit data...
group_policy_spec.rb		Loading commit data...
issuable_policy_spec.rb		Loading commit data...
issue_policy_spec.rb		Loading commit data...
namespace_policy_spec.rb		Loading commit data...
note_policy_spec.rb		Loading commit data...
personal_snippet_policy_spec.rb		Loading commit data...
project_policy_spec.rb		Loading commit data...
project_snippet_policy_spec.rb		Loading commit data...
protected_branch_policy_spec.rb		Loading commit data...
user_policy_spec.rb		Loading commit data...