Add latest changes from gitlab-org/security/gitlab@15-9-stable-ee

author: GitLab Bot <gitlab-bot@gitlab.com> 2023-03-30 02:48:15 +0300
committer: GitLab Bot <gitlab-bot@gitlab.com> 2023-03-30 02:48:15 +0300
commit: ef77d7f75069ca5f71261d80bc9caea59168cba2 (patch)
tree: b5d128c44de05edc90e0d3cb5fca398c55803628 /app/finders
parent: b405157ce7809b3671155faa8f3c3395e3fc74ce (diff)
1 files changed, 1 insertions, 10 deletions
diff --git a/app/finders/environments/environment_names_finder.rb b/app/finders/environments/environment_names_finder.rb
index d4928f0fc84..ffb689f45e2 100644
--- a/app/finders/environments/environment_names_finder.rb
+++ b/app/finders/environments/environment_names_finder.rb
@@ -32,18 +32,9 @@ module Environments
     end
 
     def namespace_environments
-      # We assume reporter access is needed for the :read_environment permission
-      # here. This expection is also present in
-      # IssuableFinder::Params#min_access_level, which is used for filtering out
-      # merge requests that don't have the right permissions.
-      #
-      # We use this approach so we don't need to load every project into memory
-      # just to verify if we can see their environments. Doing so would not be
-      # efficient, and possibly mess up pagination if certain projects are not
-      # meant to be visible.
       projects = project_or_group
         .all_projects
-        .public_or_visible_to_user(current_user, Gitlab::Access::REPORTER)
+        .filter_by_feature_visibility(:environments, current_user)
 
       Environment.for_project(projects)
     end
author	GitLab Bot <gitlab-bot@gitlab.com>	2023-03-30 02:48:15 +0300
committer	GitLab Bot <gitlab-bot@gitlab.com>	2023-03-30 02:48:15 +0300
commit	ef77d7f75069ca5f71261d80bc9caea59168cba2 (patch)
tree	b5d128c44de05edc90e0d3cb5fca398c55803628 /app/finders
parent	b405157ce7809b3671155faa8f3c3395e3fc74ce (diff)