Move group members index from `/members` to `/group_members`.

3 files changed, 38 insertions, 18 deletions

diff --git a/app/controllers/groups/application_controller.rb b/app/controllers/groups/application_controller.rb
index 7f27f2bb734..a73b8fa212a 100644
--- a/app/controllers/groups/application_controller.rb
+++ b/app/controllers/groups/application_controller.rb
@@ -2,9 +2,27 @@ class Groups::ApplicationController < ApplicationController
 
   private
   
+  def authorize_read_group!
+    unless @group and can?(current_user, :read_group, @group)
+      if current_user.nil?
+        return authenticate_user!
+      else
+        return render_404
+      end
+    end
+  end
+  
   def authorize_admin_group!
     unless can?(current_user, :manage_group, group)
       return render_404
     end
   end
+
+  def determine_layout
+    if current_user
+      'group'
+    else
+      'public_group'
+    end
+  end
 end
diff --git a/app/controllers/groups/group_members_controller.rb b/app/controllers/groups/group_members_controller.rb
index 132452d61c9..d3d6ce1ca2c 100644
--- a/app/controllers/groups/group_members_controller.rb
+++ b/app/controllers/groups/group_members_controller.rb
@@ -1,15 +1,30 @@
 class Groups::GroupMembersController < Groups::ApplicationController
+  skip_before_filter :authenticate_user!, only: [:index]
   before_filter :group
 
   # Authorize
-  before_filter :authorize_admin_group!
+  before_filter :authorize_read_group!
+  before_filter :authorize_admin_group!, except: [:index, :leave]
 
-  layout 'group'
+  layout :determine_layout
+
+  def index
+    @project = @group.projects.find(params[:project_id]) if params[:project_id]
+    @members = @group.group_members
+
+    if params[:search].present?
+      users = @group.users.search(params[:search]).to_a
+      @members = @members.where(user_id: users)
+    end
+
+    @members = @members.order('access_level DESC').page(params[:page]).per(50)
+    @group_member = GroupMember.new
+  end
 
   def create
     @group.add_users(params[:user_ids].split(','), params[:access_level])
 
-    redirect_to members_group_path(@group), notice: 'Users were successfully added.'
+    redirect_to group_group_members_path(@group), notice: 'Users were successfully added.'
   end
 
   def update
@@ -23,7 +38,7 @@ class Groups::GroupMembersController < Groups::ApplicationController
     if can?(current_user, :destroy_group_member, @group_member)  # May fail if last owner.
       @group_member.destroy
       respond_to do |format|
-        format.html { redirect_to members_group_path(@group), notice: 'User was  successfully removed from group.' }
+        format.html { redirect_to group_group_members_path(@group), notice: 'User was  successfully removed from group.' }
         format.js { render nothing: true }
       end
     else
diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index 7e336803fbb..7af3c077182 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -1,5 +1,5 @@
 class GroupsController < Groups::ApplicationController
-  skip_before_filter :authenticate_user!, only: [:show, :issues, :members, :merge_requests]
+  skip_before_filter :authenticate_user!, only: [:show, :issues, :merge_requests]
   respond_to :html
   before_filter :group, except: [:new, :create]
 
@@ -67,19 +67,6 @@ class GroupsController < Groups::ApplicationController
     end
   end
 
-  def members
-    @project = group.projects.find(params[:project_id]) if params[:project_id]
-    @members = group.group_members
-
-    if params[:search].present?
-      users = group.users.search(params[:search]).to_a
-      @members = @members.where(user_id: users)
-    end
-
-    @members = @members.order('access_level DESC').page(params[:page]).per(50)
-    @users_group = GroupMember.new
-  end
-
   def edit
   end