Commit 0b67d7a0 authored by Stan Hu's avatar Stan Hu

Fix user autocomplete for unauthenticated users accessing public projects

Closes #1955
parent 3f5a4ae5
Please view this file on the master branch, on stable branches it's out of date.
v 7.13.0 (unreleased)
- Fix user autocomplete for unauthenticated users accessing public projects (Stan Hu)
- Fix redirection to home page URL for unauthorized users (Daniel Gerhardt)
- Add branch switching support for graphs (Daniel Gerhardt)
- Fix external issue tracker hook/test for HTTPS URLs (Daniel Gerhardt)
......
class AutocompleteController < ApplicationController
skip_before_action :authenticate_user!, only: [:users]
def users
@users =
if params[:project_id].present?
......@@ -13,8 +15,10 @@ def users
if can?(current_user, :read_group, group)
group.users
end
else
elsif current_user
User.all
else
User.none
end
@users = @users.search(params[:search]) if params[:search].present?
......
......@@ -48,4 +48,28 @@
it { expect(body).to be_kind_of(Array) }
it { expect(body.size).to eq User.count }
end
context 'unauthenticated user' do
let(:project) { create(:project, :public) }
let(:body) { JSON.parse(response.body) }
describe 'GET #users with public project' do
before do
project.team << [user, :guest]
get(:users, project_id: project.id)
end
it { expect(body).to be_kind_of(Array) }
it { expect(body.size).to eq 1 }
end
describe 'GET #users with no project' do
before do
get(:users)
end
it { expect(body).to be_kind_of(Array) }
it { expect(body.size).to eq 0 }
end
end
end
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment