Skip to content

G
gitlab-ce
Commit 694768e5 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets
Browse files
Options

Fix 404 if Group guest visit empty group page

parent 0235c2a7
Hide whitespace changes
Inline Side-by-side
Showing with 5 additions and 1 deletion
app/controllers/groups_controller.rb
View file @ 694768e5
...@@ -110,7 +110,7 @@ class GroupsController < ApplicationController ...@@ -110,7 +110,7 @@ class GroupsController < ApplicationController
# Dont allow unauthorized access to group # Dont allow unauthorized access to group
def authorize_read_group! def authorize_read_group!
unless projects.present? or can?(current_user, :manage_group, @group) unless projects.present? or can?(current_user, :read_group, @group)
return render_404 return render_404
end end
end end
......
app/models/ability.rb
View file @ 694768e5
...@@ -135,6 +135,10 @@ class Ability ...@@ -135,6 +135,10 @@ class Ability
def group_abilities user, group def group_abilities user, group
rules = [] rules = []
if group.users.include?(user)
rules << :read_group
end
# Only group owner and administrators can manage group # Only group owner and administrators can manage group
if group.owners.include?(user) || user.admin? if group.owners.include?(user) || user.admin?
rules << [ rules << [
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7