Add latest changes from gitlab-org/gitlab@master

2 files changed, 6 insertions, 2 deletions

diff --git a/app/controllers/organizations/application_controller.rb b/app/controllers/organizations/application_controller.rb
index 8a99b6804ae..9cc33ec0447 100644
--- a/app/controllers/organizations/application_controller.rb
+++ b/app/controllers/organizations/application_controller.rb
@@ -28,6 +28,10 @@ module Organizations
       access_denied! unless can?(current_user, :read_organization, organization)
     end
 
+    def authorize_read_organization_user!
+      access_denied! unless can?(current_user, :read_organization_user, organization)
+    end
+
     def authorize_admin_organization!
       access_denied! unless can?(current_user, :admin_organization, organization)
     end
diff --git a/app/controllers/organizations/organizations_controller.rb b/app/controllers/organizations/organizations_controller.rb
index 3085f0c07d1..9f09627b1e4 100644
--- a/app/controllers/organizations/organizations_controller.rb
+++ b/app/controllers/organizations/organizations_controller.rb
@@ -4,7 +4,7 @@ module Organizations
   class OrganizationsController < ApplicationController
     feature_category :cell
 
-    skip_before_action :authenticate_user!, except: [:index, :new]
+    skip_before_action :authenticate_user!, except: [:index, :new, :users]
 
     def index; end
 
@@ -21,7 +21,7 @@ module Organizations
     end
 
     def users
-      authorize_read_organization!
+      authorize_read_organization_user!
     end
   end
 end