author | GitLab Bot <gitlab-bot@gitlab.com> | 2023-10-18 06:11:42 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2023-10-18 06:11:42 +0300 |
commit | c3df0504a2212528bd792fb0cdad539189a6219e (patch) | |
tree | c35951d6c20bb17b13aeb3ff7b48a18d8c7cdc86 /app/finders | |
parent | 977fd0aff3a3fe6bcb6f4c76d6f2f7696b958412 (diff) |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/finders')
-rw-r--r-- | app/finders/snippets_finder.rb | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/app/finders/snippets_finder.rb b/app/finders/snippets_finder.rb
index cb824aca33f..e09de1f6612 100644
--- a/app/finders/snippets_finder.rb
+++ b/app/finders/snippets_finder.rb
@@ -42,6 +42,7 @@ class SnippetsFinder < UnionFinder
 include FinderMethods
 include Gitlab::Utils::StrongMemoize
 include CreatedAtFilter
+ include Gitlab::Allowable
 attr_reader :current_user, :params
@@ -79,6 +80,7 @@ class SnippetsFinder < UnionFinder
 snippets = all_snippets
 snippets = by_ids(snippets)
 snippets = snippets.with_optional_visibility(visibility_from_scope)
+ snippets = hide_created_by_banned_user(snippets)
 end
 by_created_at(snippets)
@@ -87,7 +89,7 @@ class SnippetsFinder < UnionFinder
 def return_all_available_and_permited?
 # Currently limited to access_levels `admin` and `auditor`
 # See policies/base_policy.rb files for specifics.
- params[:all_available] && current_user&.can_read_all_resources?
+ params[:all_available] && can?(current_user, :read_all_resources)
 end
 def all_snippets
@@ -126,7 +128,7 @@ class SnippetsFinder < UnionFinder
 queries = []
 queries << personal_snippets unless only_project?
- if Ability.allowed?(current_user, :read_cross_project)
+ if can?(current_user, :read_cross_project)
 queries << snippets_of_visible_projects
 queries << snippets_of_authorized_projects if current_user
 end
@@ -207,6 +209,14 @@ class SnippetsFinder < UnionFinder
 snippets.id_in(params[:ids])
 end
+ def hide_created_by_banned_user(snippets)
+ # if admin -> return all snippets, if not-admin -> filter out snippets by banned user
+ return snippets if can?(current_user, :read_all_resources)
+ return snippets unless Feature.enabled?(:hide_snippets_of_banned_users)
+
+ snippets.without_created_by_banned_user
+ end
+
 def author
 strong_memoize(:author) do
 next unless params[:author].present? |
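Review bot: The new `hide_created_by_banned_user(snippets)` call sits only inside the block closed by the `end` in this hunk; the block's opening condition and its other branch are outside the hunk. If that other branch is the `return_all_available_and_permited?` path, skipping the filter there is consistent with the `read_all_resources` bypass in the helper, but nothing at the call site says so. I would add a comment above the call, e.g. `# Hide snippets of banned authors; the all-available path is already limited to users who can read all resources`. The filter only covers results that pass through this finder, so any code path that loads snippets another way presumably needs its own check.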
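Review bot: The comment in `hide_created_by_banned_user` says `if admin`, but the guard is `can?(current_user, :read_all_resources)`, which the comment in `return_all_available_and_permited?` describes as covering both `admin` and `auditor`. Auditors therefore also keep seeing snippets of banned users, and the comment should say so: `# Users who can read all resources (admin, auditor) see every snippet; for everyone else snippets created by banned users are filtered out`. The second guard returns the unfiltered relation whenever `hide_snippets_of_banned_users` is disabled, so the filter fails open while the flag is off; that is worth a line in the comment as well. `without_created_by_banned_user` is defined outside this diff, so how it treats snippets without an author cannot be checked from here.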