From ad309f5d110ebf8859b2e7196c7a1d0b039c0d7c Mon Sep 17 00:00:00 2001
From: Douwe Maan <douwe@gitlab.com>
Date: Fri, 28 Apr 2017 22:06:27 +0000
Subject: Merge branch 'snippets-finder-visibility' into 'security'

Refactor snippets finder & dont return internal snippets for external users

See merge request !2094
---
 app/controllers/snippets_controller.rb | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

(limited to 'app/controllers/snippets_controller.rb')

diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb
index 656a365b701..7445f61195d 100644
--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -27,12 +27,8 @@ class SnippetsController < ApplicationController
 
       return render_404 unless @user
 
-      @snippets = SnippetsFinder.new.execute(current_user, {
-        filter: :by_user,
-        user: @user,
-        scope: params[:scope]
-      })
-      .page(params[:page])
+      @snippets = SnippetsFinder.new(current_user, author: @user, scope: params[:scope])
+        .execute.page(params[:page])
 
       render 'index'
     else
-- 
cgit v1.2.3