1# frozen_string_literal: true 2 3class BoardPolicy < BasePolicy 4 include FindGroupProjects 5 6 delegate { @subject.resource_parent } 7 8 condition(:is_group_board) { @subject.group_board? } 9 condition(:is_project_board) { @subject.project_board? } 10 11 rule { is_project_board & can?(:read_project) }.enable :read_parent 12 13 rule { is_group_board & can?(:read_group) }.policy do 14 enable :read_parent 15 enable :read_milestone 16 enable :read_issue 17 end 18 19 condition(:reporter_of_group_projects) do 20 next unless @user 21 22 group_projects_for(user: @user, group: @subject.resource_parent) 23 .visible_to_user_and_access_level(@user, ::Gitlab::Access::REPORTER) 24 .exists? 25 end 26 27 rule { is_group_board & reporter_of_group_projects }.policy do 28 enable :create_non_backlog_issues 29 end 30 31 rule { is_project_board & can?(:admin_issue) }.policy do 32 enable :create_non_backlog_issues 33 end 34end 35