From 5710c1aaf865d56013e272d2f32abe70d987eafc Mon Sep 17 00:00:00 2001
From: Vinnie Okada <vokada@mrvinn.com>
Date: Sat, 14 Mar 2015 10:30:48 -0600
Subject: [PATCH] Update snippet authorization

Allow authors and admins to update the visibility level of personal and
project snippets.
---
 app/models/ability.rb | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/models/ability.rb b/app/models/ability.rb
index 890417e780d..652c6001e08 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -225,13 +225,15 @@ class Ability
 
     [:issue, :note, :project_snippet, :personal_snippet, :merge_request].each do |name|
       define_method "#{name}_abilities" do |user, subject|
-        if subject.author == user
-          [
+        if subject.author == user || user.is_admin?
+          rules = [
             :"read_#{name}",
             :"write_#{name}",
             :"modify_#{name}",
             :"admin_#{name}"
           ]
+          rules.push(:change_visibility_level) if subject.is_a?(Snippet)
+          rules
         elsif subject.respond_to?(:assignee) && subject.assignee == user
           [
             :"read_#{name}",
-- 
GitLab