diff options
Diffstat (limited to 'app/models/project.rb')
| -rw-r--r-- | app/models/project.rb | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/app/models/project.rb b/app/models/project.rb index 318d1473a70..512734e9b3f 100644 --- a/app/models/project.rb +++ b/app/models/project.rb @@ -482,7 +482,7 @@ class Project < ApplicationRecord # the feature is either public, enabled, or internal with permission for the user. # Note: this scope doesn't enforce that the user has access to the projects, it just checks # that the user has access to the feature. It's important to use this scope with others - # that checks project authorizations first. + # that checks project authorizations first (e.g. `filter_by_feature_visibility`). # # This method uses an optimised version of `with_feature_access_level` for # logged in users to more efficiently get private projects with the given @@ -510,6 +510,11 @@ class Project < ApplicationRecord end end + # This scope returns projects where user has access to both the project and the feature. + def self.filter_by_feature_visibility(feature, user) + with_feature_available_for_user(feature, user).public_or_visible_to_user(user) + end + scope :active, -> { joins(:issues, :notes, :merge_requests).order('issues.created_at, notes.created_at, merge_requests.created_at DESC') } scope :abandoned, -> { where('projects.last_activity_at < ?', 6.months.ago) } |