Skip to content

Commit

Permalink
feat(auth): Check a user's Group-level permissions when checking for …
Browse files Browse the repository at this point in the history 
…Admin access (#50)
  • Loading branch information
@Yasumoto
Yasumoto authored Feb 10, 2022
1 parent 05c4498 commit e8abbc6
Showing 1 changed file with 8 additions and 2 deletions.
10 changes: 8 additions & 2 deletions index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -724,7 +724,8 @@ class GitlabScm extends Scm {
}

/**
* Get a owners permissions on a repository
* Get an owners permissions on a repository. This uses the higher of either the
* project-specific or group-level access.
* @async _getPermissions
* @param {Object} config Configuration
* @param {String} config.scmUri The scmUri to get permissions on
Expand All @@ -748,10 +749,15 @@ class GitlabScm extends Scm {
pull: false
};
const { permissions } = response.body;
const accessLevel = Hoek.reach(permissions, 'project_access.access_level', {
const projectAccessLevel = Hoek.reach(permissions, 'project_access.access_level', {
default: 0
});

const groupAccessLevel = Hoek.reach(permissions, 'group_access.access_level', {
default: 0
});
const accessLevel = Math.max(projectAccessLevel, groupAccessLevel);

// ref: https://docs.gitlab.com/ee/api/members.html
// ref: https://docs.gitlab.com/ee/user/permissions.html
switch (accessLevel) {
Expand Down

0 comments on commit e8abbc6

Please sign in to comment.