diff --git a/app/controllers/repositories_controller.rb b/app/controllers/repositories_controller.rb index 9b73120db..2519afc04 100644 --- a/app/controllers/repositories_controller.rb +++ b/app/controllers/repositories_controller.rb @@ -8,10 +8,8 @@ class RepositoriesController < ApplicationController before_action :check_view_permissions, only: :export_repository before_action :check_edit_and_destroy_permissions, only: %i(destroy destroy_modal rename_modal update) - before_action :check_copy_permissions, only: - %i(copy_modal copy) before_action :check_create_permissions, only: - %i(create_new_modal create) + %i(create_new_modal create copy_modal copy) def index render('repositories/index') @@ -307,15 +305,12 @@ class RepositoriesController < ApplicationController end def check_create_permissions - render_403 unless can_create_repository(@team) + render_403 unless can_manage_repository?(@team) || + @team.repositories.count < Constants::REPOSITORIES_LIMIT end def check_edit_and_destroy_permissions - render_403 unless can_edit_and_destroy_repository(@repository) - end - - def check_copy_permissions - render_403 unless can_copy_repository(@repository) + render_403 unless can_manage_repository?(@team) end def repository_params diff --git a/app/helpers/permission_helper.rb b/app/helpers/permission_helper.rb index 7a450cc7a..3920e3384 100644 --- a/app/helpers/permission_helper.rb +++ b/app/helpers/permission_helper.rb 
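Review bot: Nothing in the new filter list ties `@repository` to `@team` for `copy_modal` and `copy`: they now run `check_create_permissions`, which looks only at `@team`, whereas the removed `check_copy_permissions` authorized against the repository's own team. How `@team` and `@repository` are loaded is not visible in this diff; if they come from separate request parameters, the repository being acted on may belong to a different team than the one whose admin role was checked. I would add a guard ahead of the role check, e.g. `render_403 unless @repository.team == @team`, or keep passing `@repository.team` to the permission as the `_repository.html.erb` view does. The same applies to `check_edit_and_destroy_permissions` in the second hunk of this file, which also switched from `@repository` to `@team`; the class body continues outside both hunks.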
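Review bot: The `||` in `check_create_permissions` makes the two conditions alternatives, so the filter passes for any user who reaches it while the team is under `Constants::REPOSITORIES_LIMIT`, and for an admin even when the team is already at the limit. The helper it replaces, `can_create_repository`, required both (`is_admin_of_team(team) && team.repositories.count < Constants::REPOSITORIES_LIMIT`), and after this commit the same filter also guards `copy` and `copy_modal`. The condition should read `render_403 unless can_manage_repository?(@team) && @team.repositories.count < Constants::REPOSITORIES_LIMIT`. A controller test that sends `create` as a non-admin team member and expects a 403 would catch this regression.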
@@ -1046,22 +1046,22 @@ module PermissionHelper # is_member_of_team(team) # end - def can_create_repository(team) - is_admin_of_team(team) && - team.repositories.count < Constants::REPOSITORIES_LIMIT - end + # def can_create_repository(team) + # is_admin_of_team(team) && + # team.repositories.count < Constants::REPOSITORIES_LIMIT + # end # def can_view_repository(repository) # is_member_of_team(repository.team) # end - def can_edit_and_destroy_repository(repository) - is_admin_of_team(repository.team) - end + # def can_edit_and_destroy_repository(repository) + # is_admin_of_team(repository.team) + # end - def can_copy_repository(repository) - can_create_repository(repository.team) - end + # def can_copy_repository(repository) + # can_create_repository(repository.team) + # end # def can_create_columns_in_repository(repository) # is_normal_user_or_admin_of_team(repository.team) diff --git a/app/permissions/team.rb b/app/permissions/team.rb index 64fd2af15..5543bee97 100644 --- a/app/permissions/team.rb +++ b/app/permissions/team.rb @@ -36,6 +36,11 @@ Canaid::Permissions.register_for(Team) do user.is_normal_user_or_admin_of_team?(team) end + # create, copy, edit, destroy repository + can :manage_repository do |user, team| + user.is_admin_of_team?(team) + end + # create, import, edit, delete repository record can :manage_repository_row do |user, team| user.is_normal_user_or_admin_of_team?(team) diff --git a/app/views/repositories/_repository.html.erb b/app/views/repositories/_repository.html.erb index fcd9d4596..85e9e9335 100644 --- a/app/views/repositories/_repository.html.erb +++ b/app/views/repositories/_repository.html.erb 
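Review bot: The comment on `can :manage_repository` in app/permissions/team.rb lists create and copy, but the block checks only `user.is_admin_of_team?(team)`; the repository quota that `can_create_repository` used to include is no longer part of the permission. Callers that gate creation or copying on `can_manage_repository?` alone will not see the limit, so the comment should say so, e.g. `# create, copy, edit, destroy repository (admin only; Constants::REPOSITORIES_LIMIT is checked by the caller)`. The `register_for(Team)` block starts and ends outside the hunk.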
@@ -34,24 +34,22 @@ data-toggle="dropdown" aria-haspopup="true" aria-expanded="true" - <%= "disabled='disabled'" if !can_edit_and_destroy_repository repository and !can_copy_repository repository %>> + <%= "disabled='disabled'" unless can_manage_repository?(repository.team) %>> - <% if can_edit_and_destroy_repository repository or can_copy_repository repository %> + <% if can_manage_repository?(repository.team) %>
<% end %> diff --git a/app/views/repositories/index.html.erb b/app/views/repositories/index.html.erb index 6bf302f5d..ff7025315 100644 --- a/app/views/repositories/index.html.erb +++ b/app/views/repositories/index.html.erb @@ -19,11 +19,11 @@