diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-30 02:48:33 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-03-30 02:48:57 +0300 |
| commit | 05bbfffcd3692a70849628ff36ecb8eeac4902af (patch) | |
| tree | 7613423113981839650e856d4ad1276851ec97bb /app/finders | |
| parent | ef77d7f75069ca5f71261d80bc9caea59168cba2 (diff) | |
Add latest changes from gitlab-org/security/gitlab@15-9-stable-ee
Diffstat (limited to 'app/finders')
| -rw-r--r-- | app/finders/notes_finder.rb | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/app/finders/notes_finder.rb b/app/finders/notes_finder.rb index c542ffbce7e..81017290f12 100644 --- a/app/finders/notes_finder.rb +++ b/app/finders/notes_finder.rb @@ -30,6 +30,7 @@ class NotesFinder notes = init_collection notes = since_fetch_at(notes) notes = notes.with_notes_filter(@params[:notes_filter]) if notes_filter? + notes = redact_internal(notes) sort(notes) end @@ -181,6 +182,13 @@ class NotesFinder notes.order_by(sort) end + + def redact_internal(notes) + subject = @project || target + return notes if Ability.allowed?(@current_user, :read_internal_note, subject) + + notes.not_internal + end end NotesFinder.prepend_mod_with('NotesFinder') |