From 547a5884d1ab6a22d9fc9ce79e5cf6f0310bc23d Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Wed, 27 Oct 2021 10:32:43 +0000
Subject: Add latest changes from gitlab-org/security/gitlab@14-4-stable-ee

---
 app/models/project.rb | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'app')

diff --git a/app/models/project.rb b/app/models/project.rb
index 6eb19b4462c..00a572b775d 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -2714,8 +2714,23 @@ class Project < ApplicationRecord
     self.errors.add(:base, _("Could not change HEAD: branch '%{branch}' does not exist") % { branch: branch })
   end
 
+  def visible_group_links(for_user:)
+    user = for_user
+    links = project_group_links_with_preload
+    user.max_member_access_for_group_ids(links.map(&:group_id)) if user && links.any?
+
+    DeclarativePolicy.user_scope do
+      links.select { Ability.allowed?(user, :read_group, _1.group) }
+    end
+  end
+
   private
 
+  # overridden in EE
+  def project_group_links_with_preload
+    project_group_links
+  end
+
   def save_topics
     return if @topic_list.nil?
 
-- 
cgit v1.2.3