[#446] only admin can share a project
This commit is contained in:
parent
4daa857f2c
commit
dc2e0114b0
|
@ -114,11 +114,10 @@ class Projects::ProjectsController < Projects::BaseController
|
||||||
redirect_to @project.owner
|
redirect_to @project.owner
|
||||||
end
|
end
|
||||||
|
|
||||||
def fork
|
def fork(is_alias = false)
|
||||||
owner = (Group.find params[:group] if params[:group].present?) || current_user
|
owner = (Group.find params[:group] if params[:group].present?) || current_user
|
||||||
authorize! :write, owner if owner.class == Group
|
authorize! :write, owner if owner.class == Group
|
||||||
|
|
||||||
is_alias = params[:alias] == 'true'
|
|
||||||
if forked = @project.fork(owner, new_name: params[:fork_name], is_alias: is_alias) and forked.valid?
|
if forked = @project.fork(owner, new_name: params[:fork_name], is_alias: is_alias) and forked.valid?
|
||||||
redirect_to forked, notice: t("flash.project.forked")
|
redirect_to forked, notice: t("flash.project.forked")
|
||||||
else
|
else
|
||||||
|
@ -128,6 +127,10 @@ class Projects::ProjectsController < Projects::BaseController
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def alias
|
||||||
|
fork(true)
|
||||||
|
end
|
||||||
|
|
||||||
def possible_forks
|
def possible_forks
|
||||||
render partial: 'projects/git/base/forks', layout: false,
|
render partial: 'projects/git/base/forks', layout: false,
|
||||||
locals: { owner: current_user, name: (params[:name].presence || @project.name) }
|
locals: { owner: current_user, name: (params[:name].presence || @project.name) }
|
||||||
|
|
|
@ -72,8 +72,11 @@ class Ability
|
||||||
can [:update, :sections, :manage_collaborators, :autocomplete_maintainers, :add_member, :remove_member, :remove_members, :update_member, :members, :schedule], Project do |project|
|
can [:update, :sections, :manage_collaborators, :autocomplete_maintainers, :add_member, :remove_member, :remove_members, :update_member, :members, :schedule], Project do |project|
|
||||||
local_admin? project
|
local_admin? project
|
||||||
end
|
end
|
||||||
|
|
||||||
can(:fork, Project) {|project| can? :read, project}
|
can(:fork, Project) {|project| can? :read, project}
|
||||||
can(:fork, Project) {|project| project.owner_type == 'Group' and can? :update, project.owner}
|
can(:fork, Project) {|project| project.owner_type == 'Group' and can? :update, project.owner}
|
||||||
|
can(:alias, Project) {|project| local_admin?(project) }
|
||||||
|
|
||||||
can(:destroy, Project) {|project| owner? project}
|
can(:destroy, Project) {|project| owner? project}
|
||||||
can(:destroy, Project) {|project| project.owner_type == 'Group' and project.owner.actors.exists?(actor_type: 'User', actor_id: user.id, role: 'admin')}
|
can(:destroy, Project) {|project| project.owner_type == 'Group' and project.owner.actors.exists?(actor_type: 'User', actor_id: user.id, role: 'admin')}
|
||||||
can :remove_user, Project
|
can :remove_user, Project
|
||||||
|
|
|
@ -9,14 +9,18 @@
|
||||||
= form_for @project, url: fork_project_path(@project), html: { class: :form, multipart: true, method: :post } do |f|
|
= form_for @project, url: fork_project_path(@project), html: { class: :form, multipart: true, method: :post } do |f|
|
||||||
= hidden_field_tag :group, owner.id if owner.class == Group
|
= hidden_field_tag :group, owner.id if owner.class == Group
|
||||||
= hidden_field_tag :fork_name, name, name: 'fork_name'
|
= hidden_field_tag :fork_name, name, name: 'fork_name'
|
||||||
= hidden_field_tag :alias, '{{create_alias}}'
|
.btn-group.btn-group-justified
|
||||||
.btn-group.btn-group-justified ng-init='create_alias = false'
|
|
||||||
.btn-group
|
.btn-group
|
||||||
= f.submit t('layout.projects.fork_to', to: full_name),
|
= f.submit t('layout.projects.fork_to', to: full_name),
|
||||||
class: 'btn btn-primary center-block',
|
class: 'btn btn-primary center-block',
|
||||||
'data-loading-text' => t('layout.processing'), id: 'create_fork'
|
'data-loading-text' => t('layout.processing'), id: 'create_fork'
|
||||||
.btn-group
|
|
||||||
= f.submit t('layout.projects.create_alias_for', for: full_name),
|
- if can? :alias, @project
|
||||||
class: 'btn btn-primary center-block',
|
= form_for @project, url: alias_project_path(@project), html: { class: :form, multipart: true, method: :post } do |f|
|
||||||
ng_click: 'create_alias = true',
|
= hidden_field_tag :group, owner.id if owner.class == Group
|
||||||
'data-loading-text' => t('layout.processing'), id: 'create_fork'
|
= hidden_field_tag :fork_name, name, name: 'fork_name'
|
||||||
|
.btn-group.btn-group-justified.offset5
|
||||||
|
.btn-group
|
||||||
|
= f.submit t('layout.projects.create_alias_for', for: full_name),
|
||||||
|
class: 'btn btn-primary center-block',
|
||||||
|
'data-loading-text' => t('layout.processing'), id: 'create_fork'
|
||||||
|
|
|
@ -355,7 +355,8 @@ Rosa::Application.routes.draw do
|
||||||
patch '/' => 'projects#update'
|
patch '/' => 'projects#update'
|
||||||
delete '/' => 'projects#destroy'
|
delete '/' => 'projects#destroy'
|
||||||
# Member
|
# Member
|
||||||
post '/fork' => 'projects#fork', as: :fork_project
|
post '/fork' => 'projects#fork', as: :fork_project
|
||||||
|
post '/alias' => 'projects#alias', as: :alias_project
|
||||||
get '/possible_forks' => 'projects#possible_forks', as: :possible_forks_project
|
get '/possible_forks' => 'projects#possible_forks', as: :possible_forks_project
|
||||||
get '/sections' => 'projects#sections', as: :sections_project
|
get '/sections' => 'projects#sections', as: :sections_project
|
||||||
patch '/sections' => 'projects#sections'
|
patch '/sections' => 'projects#sections'
|
||||||
|
|
|
@ -35,6 +35,16 @@ shared_examples_for 'projects user with project admin rights' do
|
||||||
put :schedule, { name_with_owner: @project.name_with_owner }.merge(repository_id: @project.repositories.first.id)
|
put :schedule, { name_with_owner: @project.name_with_owner }.merge(repository_id: @project.repositories.first.id)
|
||||||
response.should be_success
|
response.should be_success
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it 'should be able to create alias for a project' do
|
||||||
|
post :alias, name_with_owner: @project.name_with_owner, fork_name: (@project.name + '_new')
|
||||||
|
response.should redirect_to(project_path(Project.last))
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'should create alias for a project' do
|
||||||
|
lambda { post :alias, name_with_owner: @project.name_with_owner,
|
||||||
|
fork_name: (@project.name + '_new') }.should change{ Project.count }.by(1)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
shared_examples_for 'user with destroy rights' do
|
shared_examples_for 'user with destroy rights' do
|
||||||
|
@ -94,6 +104,16 @@ shared_examples_for 'projects user without project admin rights' do
|
||||||
create_actor_relation(group, @user, 'reader')
|
create_actor_relation(group, @user, 'reader')
|
||||||
lambda {post :create, @create_params.merge(who_owns: 'group', owner_id: group.id)}.should change{ Project.count }.by(0)
|
lambda {post :create, @create_params.merge(who_owns: 'group', owner_id: group.id)}.should change{ Project.count }.by(0)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it 'should not be able to create alias for a project' do
|
||||||
|
post :alias, name_with_owner: @project.name_with_owner
|
||||||
|
response.should redirect_to(forbidden_path)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'should not create alias for a project' do
|
||||||
|
lambda { post :alias, name_with_owner: @project.name_with_owner,
|
||||||
|
fork_name: (@project.name + '_new') }.should change{ Project.count }.by(0)
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe Projects::ProjectsController do
|
describe Projects::ProjectsController do
|
||||||
|
|
Loading…
Reference in New Issue