root
/
gitlab-ce
mirror of https://gitlab.com/free-releases/gitlab-ce.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Incorporate review comments

This commit is contained in:
Stan Hu 2016-07-25 06:21:55 -07:00
parent d1ea2bca61
commit 871723da7f
5 changed files with 12 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/projects/issues_controller.rb
View File

@ -71,7 +71,7 @@ class Projects::IssuesController < Projects::ApplicationController
@note = @project.notes.new(noteable: @issue) @note = @project.notes.new(noteable: @issue)
@noteable = @issue @noteable = @issue
preload_max_access_for_authors(@notes, @project) if @notes preload_max_access_for_authors(@notes, @project)
respond_to do |format| respond_to do |format|
format.html format.html

2
app/controllers/projects/merge_requests_controller.rb
View File

@ -387,7 +387,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController
@ref @ref
) )
preload_max_access_for_authors(@notes, @project) if @notes preload_max_access_for_authors(@notes, @project)
end end
def define_widget_vars def define_widget_vars

6
app/models/ability.rb
View File

@ -389,10 +389,8 @@ class Ability
end end
def can_edit_note?(user, note) def can_edit_note?(user, note)
return false unless note.editable? return false if !note.editable? || !user.present?
return false unless user.present? return true if note.author == user || user.admin?
return true if note.author == user
return true if user.admin?
if note.project if note.project
max_access_level = note.project.team.max_member_access(user.id) max_access_level = note.project.team.max_member_access(user.id)

4
app/models/member.rb
View File

@ -53,6 +53,10 @@ class Member < ActiveRecord::Base
default_value_for :notification_level, NotificationSetting.levels[:global] default_value_for :notification_level, NotificationSetting.levels[:global]
class << self class << self
def access_for_user_ids(user_ids)
where(user_id: user_ids).has_access.pluck(:user_id, :access_level).to_h
end
def find_by_invite_token(invite_token) def find_by_invite_token(invite_token)
invite_token = Devise.token_generator.digest(self, :invite_token, invite_token) invite_token = Devise.token_generator.digest(self, :invite_token, invite_token)
find_by(invite_token: invite_token) find_by(invite_token: invite_token)

8
app/models/project_team.rb
View File

@ -138,20 +138,20 @@ class ProjectTeam
def max_member_access_for_user_ids(user_ids) def max_member_access_for_user_ids(user_ids)
user_ids = user_ids.uniq user_ids = user_ids.uniq
key = "max_member_access:#{project.id}" key = "max_member_access:#{project.id}"
RequestStore.store[key] ||= Hash.new RequestStore.store[key] ||= {}
access = RequestStore.store[key] access = RequestStore.store[key]
# Lookup only the IDs we need # Lookup only the IDs we need
user_ids = user_ids - access.keys user_ids = user_ids - access.keys
if user_ids.present? if user_ids.present?
user_ids.map { |id| access[id] = Gitlab::Access::NO_ACCESS } user_ids.each { |id| access[id] = Gitlab::Access::NO_ACCESS }
member_access = project.members.where(user_id: user_ids).has_access.pluck(:user_id, :access_level).to_h member_access = project.members.access_for_user_ids(user_ids)
merge_max!(access, member_access) merge_max!(access, member_access)
if group if group
group_access = group.members.where(user_id: user_ids).has_access.pluck(:user_id, :access_level).to_h group_access = group.members.access_for_user_ids(user_ids)
merge_max!(access, group_access) merge_max!(access, group_access)
end end