Commit 2a1c5cdf99e943950af7630742299222a591827c
1 parent
f6bfa095
Exists in
master
and in
4 other branches
Only owner of current namespace can change project namespace
Showing
3 changed files
with
15 additions
and
9 deletions
Show diff stats
app/contexts/project_update_context.rb
| @@ -2,7 +2,7 @@ class ProjectUpdateContext < BaseContext | @@ -2,7 +2,7 @@ class ProjectUpdateContext < BaseContext | ||
| 2 | def execute(role = :default) | 2 | def execute(role = :default) |
| 3 | namespace_id = params[:project].delete(:namespace_id) | 3 | namespace_id = params[:project].delete(:namespace_id) |
| 4 | 4 | ||
| 5 | - if namespace_id.present? | 5 | + if can?(current_user, :change_namespace, project) && namespace_id.present? |
| 6 | if namespace_id == Namespace.global_id | 6 | if namespace_id == Namespace.global_id |
| 7 | if project.namespace.present? | 7 | if project.namespace.present? |
| 8 | # Transfer to global namespace from anyone | 8 | # Transfer to global namespace from anyone |
app/models/ability.rb
| @@ -17,9 +17,7 @@ class Ability | @@ -17,9 +17,7 @@ class Ability | ||
| 17 | 17 | ||
| 18 | # Rules based on role in project | 18 | # Rules based on role in project |
| 19 | if project.master_access_for?(user) | 19 | if project.master_access_for?(user) |
| 20 | - # TODO: replace with master rules. | ||
| 21 | - # Only allow project administration for namespace owners | ||
| 22 | - rules << project_admin_rules | 20 | + rules << project_master_rules |
| 23 | 21 | ||
| 24 | elsif project.dev_access_for?(user) | 22 | elsif project.dev_access_for?(user) |
| 25 | rules << project_dev_rules | 23 | rules << project_dev_rules |
| @@ -93,13 +91,15 @@ class Ability | @@ -93,13 +91,15 @@ class Ability | ||
| 93 | :admin_merge_request, | 91 | :admin_merge_request, |
| 94 | :admin_note, | 92 | :admin_note, |
| 95 | :accept_mr, | 93 | :accept_mr, |
| 96 | - :admin_wiki | 94 | + :admin_wiki, |
| 95 | + :admin_project | ||
| 97 | ] | 96 | ] |
| 98 | end | 97 | end |
| 99 | 98 | ||
| 100 | def project_admin_rules | 99 | def project_admin_rules |
| 101 | project_master_rules + [ | 100 | project_master_rules + [ |
| 102 | - :admin_project | 101 | + :change_namespace, |
| 102 | + :rename_project | ||
| 103 | ] | 103 | ] |
| 104 | end | 104 | end |
| 105 | 105 |
app/views/projects/_form.html.haml
| @@ -21,9 +21,15 @@ | @@ -21,9 +21,15 @@ | ||
| 21 | = f.label :namespace_id do | 21 | = f.label :namespace_id do |
| 22 | %span Namespace | 22 | %span Namespace |
| 23 | .controls | 23 | .controls |
| 24 | - = f.select :namespace_id, namespaces_options(@project.namespace_id), {prompt: 'Choose a project namespace'}, {class: 'chosen'} | ||
| 25 | - | ||
| 26 | - %span.cred Be careful. Changing project namespace can have unintended side effects | 24 | + - if can? current_user, :change_namespace, @project |
| 25 | + = f.select :namespace_id, namespaces_options(@project.namespace_id), {prompt: 'Choose a project namespace'}, {class: 'chosen'} | ||
| 26 | + | ||
| 27 | + %span.cred Be careful. Changing project namespace can have unintended side effects | ||
| 28 | + - else | ||
| 29 | + %a.btn.btn-small.disabled= @project.namespace.try(:human_name) || "/" | ||
| 30 | + | ||
| 31 | + %span.cred Only owner can change project namespace. | ||
| 32 | + | ||
| 27 | 33 | ||
| 28 | - unless @project.heads.empty? | 34 | - unless @project.heads.empty? |
| 29 | .clearfix | 35 | .clearfix |