Merge pull request #5752 from jhollingsworth/fix/no-404-for-project

Fix 404 on project page for unauthenticated user

7 files changed, 71 insertions, 6 deletions

diff --git a/CHANGELOG b/CHANGELOG
index d0a796fb4cf..3fa5143d43f 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -8,6 +8,7 @@ v 6.4.0
   - Internal projects (Jason Hollingsworth)
   - Allow removal of avatar (Drew Blessing)
   - Project web hooks now support issues and merge request events
+  - Visiting project page while not logged in will redirect to sign-in instead of 404 (Jason Hollingsworth)
 
 v 6.3.0
   - API for adding gitlab-ci service
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index a83d6dfed8d..e5b5a3a4777 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -81,6 +81,9 @@ class ApplicationController < ActionController::Base
 
     if @project and can?(current_user, :read_project, @project)
       @project
+    elsif current_user.nil?
+      @project = nil
+      authenticate_user!
     else
       @project = nil
       render_404 and return
diff --git a/features/project/redirects.feature b/features/project/redirects.feature
new file mode 100644
index 00000000000..ce197912f64
--- /dev/null
+++ b/features/project/redirects.feature
@@ -0,0 +1,26 @@
+Feature: Project Redirects
+  Background:
+    Given public project "Community"
+    And private project "Enterprise"
+
+  Scenario: I visit public project page
+    When I visit project "Community" page
+    Then I should see project "Community" home page
+
+  Scenario: I visit private project page
+    When I visit project "Enterprise" page
+    Then I should be redirected to sign in page
+
+  Scenario: I visit a non-existent project page
+    When I visit project "CommunityDoesNotExist" page
+    Then I should be redirected to sign in page
+
+  Scenario: I visit a non-existent project page as user
+    Given I sign in as a user
+    When I visit project "CommunityDoesNotExist" page
+    Then page status code should be 404
+
+  Scenario: I visit unauthorized project page as user
+    Given I sign in as a user
+    When I visit project "Enterprise" page
+    Then page status code should be 404
diff --git a/features/public/public_projects.feature b/features/public/public_projects.feature
index 03825dffd3f..5a30c03dd4a 100644
--- a/features/public/public_projects.feature
+++ b/features/public/public_projects.feature
@@ -16,11 +16,11 @@ Feature: Public Projects Feature
 
   Scenario: I visit internal project page
     When I visit project "Internal" page
-    Then page status code should be 404
+    Then I should be redirected to sign in page
 
   Scenario: I visit private project page
     When I visit project "Enterprise" page
-    Then page status code should be 404
+    Then I should be redirected to sign in page
 
   Scenario: I visit an empty public project page
     Given public empty project "Empty Public Project"
diff --git a/features/steps/profile/profile.rb b/features/steps/profile/profile.rb
index 3e4a105ec55..a72f8a44f96 100644
--- a/features/steps/profile/profile.rb
+++ b/features/steps/profile/profile.rb
@@ -88,10 +88,6 @@ class Profile < Spinach::FeatureSteps
     page.should have_content "Password doesn't match confirmation"
   end
 
-  step 'I should be redirected to sign in page' do
-    current_path.should == new_user_session_path
-  end
-
   step 'I reset my token' do
     within '.update-token' do
       @old_token = @user.private_token
diff --git a/features/steps/project/redirects.rb b/features/steps/project/redirects.rb
new file mode 100644
index 00000000000..4ac53075704
--- /dev/null
+++ b/features/steps/project/redirects.rb
@@ -0,0 +1,35 @@
+class Spinach::Features::ProjectRedirects < Spinach::FeatureSteps
+  include SharedAuthentication
+  include SharedPaths
+  include SharedProject
+
+  step 'public project "Community"' do
+    create :project_with_code, name: 'Community', visibility_level: Gitlab::VisibilityLevel::PUBLIC
+  end
+
+  step 'private project "Enterprise"' do
+    create :project, name: 'Enterprise'
+  end
+
+  step 'I visit project "Community" page' do
+    project = Project.find_by_name('Community')
+    visit project_path(project)
+  end
+
+  step 'I should see project "Community" home page' do
+    within '.project-home-title' do
+      page.should have_content 'Community'
+    end
+  end
+
+  step 'I visit project "Enterprise" page' do
+    project = Project.find_by_name('Enterprise')
+    visit project_path(project)
+  end
+
+  step 'I visit project "CommunityDoesNotExist" page' do
+    project = Project.find_by_name('Community')
+    visit project_path(project) + 'DoesNotExist'
+  end
+end
+
diff --git a/features/steps/shared/authentication.rb b/features/steps/shared/authentication.rb
index 8c501bbc537..df05754c287 100644
--- a/features/steps/shared/authentication.rb
+++ b/features/steps/shared/authentication.rb
@@ -12,6 +12,10 @@ module SharedAuthentication
     login_as :admin
   end
 
+  step 'I should be redirected to sign in page' do
+    current_path.should == new_user_session_path
+  end
+
   def current_user
     @user || User.first
   end