Commit 7f97a127 authored by Valery Sizov's avatar Valery Sizov

internal snippets: fix exposing of title

parent 9712fbcd
v 7.4.2
- Fix internal snippet exposing for unauthenticated users
v 7.4.1 v 7.4.1
- Fix LDAP authentication for Git HTTP access - Fix LDAP authentication for Git HTTP access
- Fix LDAP config lookup for provider 'ldap' - Fix LDAP config lookup for provider 'ldap'
- Fix public snippets
- Fix 500 error on projects with nested submodules
v 7.4.0 v 7.4.0
- Refactored membership logic - Refactored membership logic
......
...@@ -29,6 +29,8 @@ class SnippetsFinder ...@@ -29,6 +29,8 @@ class SnippetsFinder
def by_user(current_user, user, scope) def by_user(current_user, user, scope)
snippets = user.snippets.fresh.non_expired snippets = user.snippets.fresh.non_expired
return snippets.are_public unless current_user
if user == current_user if user == current_user
case scope case scope
when 'are_internal' then when 'are_internal' then
......
...@@ -64,6 +64,13 @@ describe SnippetsFinder do ...@@ -64,6 +64,13 @@ describe SnippetsFinder do
snippets = SnippetsFinder.new.execute(user, filter: :by_user, user: user) snippets = SnippetsFinder.new.execute(user, filter: :by_user, user: user)
snippets.should include(@snippet1, @snippet2, @snippet3) snippets.should include(@snippet1, @snippet2, @snippet3)
end end
it "returns only public snippets if unauthenticated user" do
snippets = SnippetsFinder.new.execute(nil, filter: :by_user, user: user)
snippets.should include(@snippet3)
snippets.should_not include(@snippet2, @snippet1)
end
end end
context 'by_project filter' do context 'by_project filter' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment