Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
GitLab
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Analytics
Analytics
Repository
Value Stream
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Commits
Open sidebar
projects.thm.de
GitLab
Commits
a5b54f91
Unverified
Commit
a5b54f91
authored
Jun 30, 2015
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Reporter role can manage issue tracker now
Signed-off-by:
Dmitriy Zaporozhets
<
dmitriy.zaporozhets@gmail.com
>
parent
8e6efc5e
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
43 additions
and
6 deletions
+43
-6
CHANGELOG
CHANGELOG
+1
-0
app/models/ability.rb
app/models/ability.rb
+4
-4
doc/permissions/permissions.md
doc/permissions/permissions.md
+2
-2
spec/features/security/project/internal_access_spec.rb
spec/features/security/project/internal_access_spec.rb
+12
-0
spec/features/security/project/private_access_spec.rb
spec/features/security/project/private_access_spec.rb
+12
-0
spec/features/security/project/public_access_spec.rb
spec/features/security/project/public_access_spec.rb
+12
-0
No files found.
CHANGELOG
View file @
a5b54f91
...
...
@@ -22,6 +22,7 @@ v 7.13.0 (unreleased)
- Explicit error when commit not found in the CI
- Improve performance for issue and merge request pages
- Users with guest access level can not set assignee, labels or milestones for issue and merge request
- Reporter role can manage issue tracker now: edit any issue, set assignee or milestone and manage labels
v 7.12.0 (unreleased)
- Fix Error 500 when one user attempts to access a personal, internal snippet (Stan Hu)
...
...
app/models/ability.rb
View file @
a5b54f91
...
...
@@ -155,7 +155,10 @@ def project_report_rules
project_guest_rules
+
[
:download_code
,
:fork_project
,
:create_project_snippet
:create_project_snippet
,
:update_issue
,
:admin_issue
,
:admin_label
,
]
end
...
...
@@ -163,9 +166,6 @@ def project_dev_rules
project_report_rules
+
[
:create_merge_request
,
:create_wiki
,
:update_issue
,
:admin_issue
,
:admin_label
,
:push_code
]
end
...
...
doc/permissions/permissions.md
View file @
a5b54f91
...
...
@@ -15,6 +15,8 @@ If a user is a GitLab administrator they receive all permissions.
| Pull project code | | ✓ | ✓ | ✓ | ✓ |
| Download project | | ✓ | ✓ | ✓ | ✓ |
| Create code snippets | | ✓ | ✓ | ✓ | ✓ |
| Manage issue tracker | | ✓ | ✓ | ✓ | ✓ |
| Manage labels | | ✓ | ✓ | ✓ | ✓ |
| Create new merge request | | | ✓ | ✓ | ✓ |
| Create new branches | | | ✓ | ✓ | ✓ |
| Push to non-protected branches | | | ✓ | ✓ | ✓ |
...
...
@@ -22,8 +24,6 @@ If a user is a GitLab administrator they receive all permissions.
| Remove non-protected branches | | | ✓ | ✓ | ✓ |
| Add tags | | | ✓ | ✓ | ✓ |
| Write a wiki | | | ✓ | ✓ | ✓ |
| Manage issue tracker | | | ✓ | ✓ | ✓ |
| Manage labels | | | ✓ | ✓ | ✓ |
| Create new milestones | | | | ✓ | ✓ |
| Add new team members | | | | ✓ | ✓ |
| Push to protected branches | | | | ✓ | ✓ |
...
...
spec/features/security/project/internal_access_spec.rb
View file @
a5b54f91
...
...
@@ -138,6 +138,18 @@
it
{
is_expected
.
to
be_denied_for
:visitor
}
end
describe
"GET /:project_path/issues/:id/edit"
do
let
(
:issue
)
{
create
(
:issue
,
project:
project
)
}
subject
{
edit_namespace_project_issue_path
(
project
.
namespace
,
project
,
issue
)
}
it
{
is_expected
.
to
be_allowed_for
master
}
it
{
is_expected
.
to
be_allowed_for
reporter
}
it
{
is_expected
.
to
be_allowed_for
:admin
}
it
{
is_expected
.
to
be_denied_for
guest
}
it
{
is_expected
.
to
be_denied_for
:user
}
it
{
is_expected
.
to
be_denied_for
:visitor
}
end
describe
"GET /:project_path/snippets"
do
subject
{
namespace_project_snippets_path
(
project
.
namespace
,
project
)
}
...
...
spec/features/security/project/private_access_spec.rb
View file @
a5b54f91
...
...
@@ -138,6 +138,18 @@
it
{
is_expected
.
to
be_denied_for
:visitor
}
end
describe
"GET /:project_path/issues/:id/edit"
do
let
(
:issue
)
{
create
(
:issue
,
project:
project
)
}
subject
{
edit_namespace_project_issue_path
(
project
.
namespace
,
project
,
issue
)
}
it
{
is_expected
.
to
be_allowed_for
master
}
it
{
is_expected
.
to
be_allowed_for
reporter
}
it
{
is_expected
.
to
be_allowed_for
:admin
}
it
{
is_expected
.
to
be_denied_for
guest
}
it
{
is_expected
.
to
be_denied_for
:user
}
it
{
is_expected
.
to
be_denied_for
:visitor
}
end
describe
"GET /:project_path/snippets"
do
subject
{
namespace_project_snippets_path
(
project
.
namespace
,
project
)
}
...
...
spec/features/security/project/public_access_spec.rb
View file @
a5b54f91
...
...
@@ -143,6 +143,18 @@
it
{
is_expected
.
to
be_allowed_for
:visitor
}
end
describe
"GET /:project_path/issues/:id/edit"
do
let
(
:issue
)
{
create
(
:issue
,
project:
project
)
}
subject
{
edit_namespace_project_issue_path
(
project
.
namespace
,
project
,
issue
)
}
it
{
is_expected
.
to
be_allowed_for
master
}
it
{
is_expected
.
to
be_allowed_for
reporter
}
it
{
is_expected
.
to
be_allowed_for
:admin
}
it
{
is_expected
.
to
be_denied_for
guest
}
it
{
is_expected
.
to
be_denied_for
:user
}
it
{
is_expected
.
to
be_denied_for
:visitor
}
end
describe
"GET /:project_path/snippets"
do
subject
{
namespace_project_snippets_path
(
project
.
namespace
,
project
)
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment