diff --git a/CHANGELOG b/CHANGELOG index 2e5cd78c8a8a7c9bf099c519fecf9e6d4ab2a1bc..06008e78d6b28be976368fc91a5ae20ec35e99ae 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,3 +1,6 @@ +v 6.6.0 + - Permissions: Developer now can manage issue tracker (modify any issue) + v 6.5.1 - Fix branch selectbox when create merge request from fork diff --git a/app/controllers/projects/blob_controller.rb b/app/controllers/projects/blob_controller.rb index 2aa73471e2b73fef1840384144b756596acec25b..a1a8bed09f4ae0fdbe0c06347b662b61de9c200a 100644 --- a/app/controllers/projects/blob_controller.rb +++ b/app/controllers/projects/blob_controller.rb @@ -6,6 +6,7 @@ class Projects::BlobController < Projects::ApplicationController before_filter :authorize_read_project! before_filter :authorize_code_access! before_filter :require_non_empty_project + before_filter :authorize_push!, only: [:destroy] before_filter :blob diff --git a/app/controllers/projects/edit_tree_controller.rb b/app/controllers/projects/edit_tree_controller.rb index aa4631300e0533f816e483b2f68d8250fcc4b1f3..6bd1a455f323a876e6a9e35d97139bfdf1542291 100644 --- a/app/controllers/projects/edit_tree_controller.rb +++ b/app/controllers/projects/edit_tree_controller.rb @@ -1,6 +1,7 @@ class Projects::EditTreeController < Projects::BaseTreeController before_filter :require_branch_head before_filter :blob + before_filter :authorize_push! def show @last_commit = Gitlab::Git::Commit.last_for_path(@repository, @ref, @path).sha diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb index 2ec270b31594bff2bcc5023075d56c7c68b9fc96..f260a2e0597d9559103785a2c9c29e21b5763376 100644 --- a/app/controllers/projects/issues_controller.rb +++ b/app/controllers/projects/issues_controller.rb @@ -9,7 +9,7 @@ class Projects::IssuesController < Projects::ApplicationController before_filter :authorize_write_issue!, only: [:new, :create] # Allow modify issue - before_filter :authorize_modify_issue!, only: [:edit, :update] + before_filter :authorize_modify_issue!, only: [:edit, :update, :bulk_update] respond_to :html diff --git a/app/controllers/projects/new_tree_controller.rb b/app/controllers/projects/new_tree_controller.rb index 2f3647ab071cab7f16844bd341d7310ae33297e8..3a51a78ef6fbf484a0ead7815502edaefb373676 100644 --- a/app/controllers/projects/new_tree_controller.rb +++ b/app/controllers/projects/new_tree_controller.rb @@ -1,5 +1,6 @@ class Projects::NewTreeController < Projects::BaseTreeController before_filter :require_branch_head + before_filter :authorize_push! def show end diff --git a/app/models/ability.rb b/app/models/ability.rb index cf925141f2d193b4cb4a1080f8f2d33fd8cdc843..038668fccfff987cfc51c5769304097b4c7636b9 100644 --- a/app/models/ability.rb +++ b/app/models/ability.rb @@ -125,6 +125,7 @@ class Ability project_report_rules + [ :write_merge_request, :write_wiki, + :modify_issue, :push_code ] end diff --git a/app/views/help/permissions.html.haml b/app/views/help/permissions.html.haml index 15e3bf3a135c755af28a4b9999fde3abe7a8a811..6505609022aa110c735998acb0e30110ecb6312c 100644 --- a/app/views/help/permissions.html.haml +++ b/app/views/help/permissions.html.haml @@ -100,6 +100,13 @@ %td.permission-x ✓ %td.permission-x ✓ %td.permission-x ✓ + %tr + %td Manage issue tracker + %td + %td + %td.permission-x ✓ + %td.permission-x ✓ + %td.permission-x ✓ %tr %td Add new team members %td diff --git a/app/views/projects/tree/_tree.html.haml b/app/views/projects/tree/_tree.html.haml index 4e80872df48954e2184fcec6ecc8c01fbb10ad72..ee850e2bc1b84f9081c0022add252d42277f6429 100644 --- a/app/views/projects/tree/_tree.html.haml +++ b/app/views/projects/tree/_tree.html.haml @@ -9,7 +9,7 @@ = link_to truncate(title, length: 40), project_tree_path(@project, path) - else = link_to title, '#' - - if @repository.branch_names.include?(@ref) + - if current_user && @repository.branch_names.include?(@ref) && current_user.can?(:push_code, @project) %li = link_to project_new_tree_path(@project, @id), title: 'New file', id: 'new-file-link' do %small