Commit b35d5a6a authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'public_profiles' into 'master'

Make all group public

https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/1219#

Internal issue - https://dev.gitlab.org/gitlab/gitlabhq/issues/1361

See merge request !1247
parents c0c314c6 3e97de83
...@@ -32,7 +32,7 @@ v 8.0.0 (unreleased) ...@@ -32,7 +32,7 @@ v 8.0.0 (unreleased)
- Fix 500 error when submit project snippet without body - Fix 500 error when submit project snippet without body
- Improve search page usability - Improve search page usability
- Bring more UI consistency in way how projects, snippets and groups lists are rendered - Bring more UI consistency in way how projects, snippets and groups lists are rendered
- Make all profiles public - Make all profiles and group public
- Fixed login failure when extern_uid changes (Joel Koglin) - Fixed login failure when extern_uid changes (Joel Koglin)
- Don't notify users without access to the project when they are (accidentally) mentioned in a note. - Don't notify users without access to the project when they are (accidentally) mentioned in a note.
- Retrieving oauth token with LDAP credentials - Retrieving oauth token with LDAP credentials
......
...@@ -152,7 +152,6 @@ ...@@ -152,7 +152,6 @@
} }
.collapse-nav a { .collapse-nav a {
left: 0px;
width: $sidebar_collapsed_width; width: $sidebar_collapsed_width;
} }
...@@ -171,6 +170,7 @@ ...@@ -171,6 +170,7 @@
width: $sidebar_width; width: $sidebar_width;
position: fixed; position: fixed;
bottom: 0; bottom: 0;
left: 0;
font-size: 13px; font-size: 13px;
background: transparent; background: transparent;
height: 40px; height: 40px;
......
...@@ -4,7 +4,7 @@ class GroupsController < Groups::ApplicationController ...@@ -4,7 +4,7 @@ class GroupsController < Groups::ApplicationController
before_action :group, except: [:new, :create] before_action :group, except: [:new, :create]
# Authorize # Authorize
before_action :authorize_read_group!, except: [:new, :create] before_action :authorize_read_group!, except: [:show, :new, :create]
before_action :authorize_admin_group!, only: [:edit, :update, :destroy, :projects] before_action :authorize_admin_group!, only: [:edit, :update, :destroy, :projects]
before_action :authorize_create_group!, only: [:new, :create] before_action :authorize_create_group!, only: [:new, :create]
......
...@@ -14,7 +14,7 @@ class NamespacesController < ApplicationController ...@@ -14,7 +14,7 @@ class NamespacesController < ApplicationController
if user if user
redirect_to user_path(user) redirect_to user_path(user)
elsif group && can?(current_user, :read_group, group) elsif group
redirect_to group_path(group) redirect_to group_path(group)
elsif current_user.nil? elsif current_user.nil?
authenticate_user! authenticate_user!
......
- unless can?(current_user, :read_group, @group)
- @disable_search_panel = true
= content_for :meta_tags do = content_for :meta_tags do
- if current_user - if current_user
= auto_discovery_link_tag(:atom, group_url(@group, format: :atom, private_token: current_user.private_token), title: "#{@group.name} activity") = auto_discovery_link_tag(:atom, group_url(@group, format: :atom, private_token: current_user.private_token), title: "#{@group.name} activity")
...@@ -16,13 +19,13 @@ ...@@ -16,13 +19,13 @@
= render 'shared/show_aside' = render 'shared/show_aside'
- if can?(current_user, :read_group, @group)
.row .row
%section.activities.col-md-7 %section.activities.col-md-7
.hidden-xs .hidden-xs
- if current_user - if current_user
= render "events/event_last_push", event: @last_push = render "events/event_last_push", event: @last_push
- if current_user
%ul.nav.nav-pills.event_filter.pull-right %ul.nav.nav-pills.event_filter.pull-right
%li %li
= link_to group_path(@group, { format: :atom, private_token: current_user.private_token }), title: "Feed", class: 'rss-btn' do = link_to group_path(@group, { format: :atom, private_token: current_user.private_token }), title: "Feed", class: 'rss-btn' do
...@@ -35,3 +38,6 @@ ...@@ -35,3 +38,6 @@
= spinner = spinner
%aside.side.col-md-5 %aside.side.col-md-5
= render "projects", projects: @projects = render "projects", projects: @projects
- else
%p
This group does not have public projects
...@@ -7,6 +7,7 @@ ...@@ -7,6 +7,7 @@
.navbar-collapse.collapse .navbar-collapse.collapse
%ul.nav.navbar-nav.pull-right %ul.nav.navbar-nav.pull-right
- unless @disable_search_panel
%li.hidden-sm.hidden-xs %li.hidden-sm.hidden-xs
= render 'layouts/search' = render 'layouts/search'
%li.visible-sm.visible-xs %li.visible-sm.visible-xs
......
...@@ -12,6 +12,7 @@ ...@@ -12,6 +12,7 @@
= icon('dashboard fw') = icon('dashboard fw')
%span %span
Group Group
- if can?(current_user, :read_group, @group)
- if current_user - if current_user
= nav_link(controller: [:group, :milestones]) do = nav_link(controller: [:group, :milestones]) do
= link_to group_milestones_path(@group), title: 'Milestones', data: {placement: 'right'} do = link_to group_milestones_path(@group), title: 'Milestones', data: {placement: 'right'} do
......
...@@ -3,20 +3,6 @@ Feature: Explore Groups ...@@ -3,20 +3,6 @@ Feature: Explore Groups
Background: Background:
Given group "TestGroup" has private project "Enterprise" Given group "TestGroup" has private project "Enterprise"
Scenario: I should not see group with private projects as visitor
When I visit group "TestGroup" page
Then I should be redirected to sign in page
Scenario: I should not see group with private projects group as user
When I sign in as a user
And I visit group "TestGroup" page
Then page status code should be 404
Scenario: I should not see group with private and internal projects as visitor
Given group "TestGroup" has internal project "Internal"
When I visit group "TestGroup" page
Then I should be redirected to sign in page
Scenario: I should see group with private and internal projects as user Scenario: I should see group with private and internal projects as user
Given group "TestGroup" has internal project "Internal" Given group "TestGroup" has internal project "Internal"
When I sign in as a user When I sign in as a user
......
...@@ -159,3 +159,14 @@ Feature: Groups ...@@ -159,3 +159,14 @@ Feature: Groups
When I visit group "Owned" projects page When I visit group "Owned" projects page
Then I should see group "Owned" projects list Then I should see group "Owned" projects list
And I should see "archived" label And I should see "archived" label
# Public group
@javascript
Scenario: Signed out user should see group
Given "Mary Jane" is owner of group "Owned"
And I am a signed out user
And Group "Owned" has a public project "Public-project"
When I visit group "Owned" page
Then I should see group "Owned"
Then I should see project "Public-project"
...@@ -17,6 +17,26 @@ class Spinach::Features::Groups < Spinach::FeatureSteps ...@@ -17,6 +17,26 @@ class Spinach::Features::Groups < Spinach::FeatureSteps
find(:css, 'button.btn-new').click find(:css, 'button.btn-new').click
end end
step 'I should see group "Owned"' do
expect(page).to have_content '@owned'
end
step 'I am a signed out user' do
logout
end
step 'Group "Owned" has a public project "Public-project"' do
group = Group.find_by(name: "Owned")
@project = create :empty_project, :public,
group: group,
name: "Public-project"
end
step 'I should see project "Public-project"' do
expect(page).to have_content 'Public-project'
end
step 'I select "Mike" as "Reporter"' do step 'I select "Mike" as "Reporter"' do
user = User.find_by(name: "Mike") user = User.find_by(name: "Mike")
......
...@@ -46,13 +46,11 @@ describe NamespacesController do ...@@ -46,13 +46,11 @@ describe NamespacesController do
context "when the project doesn't have public projects" do context "when the project doesn't have public projects" do
context "when not signed in" do context "when not signed in" do
it "redirects to the sign in page" do it "does not redirect to the sign in page" do
get :show, id: group.path get :show, id: group.path
expect(response).not_to redirect_to(new_user_session_path)
expect(response).to redirect_to(new_user_session_path)
end end
end end
context "when signed in" do context "when signed in" do
before do before do
sign_in(user) sign_in(user)
...@@ -86,10 +84,10 @@ describe NamespacesController do ...@@ -86,10 +84,10 @@ describe NamespacesController do
end end
context "when the user doesn't have access to the project" do context "when the user doesn't have access to the project" do
it "responds with status 404" do it "redirects to the group's page" do
get :show, id: group.path get :show, id: group.path
expect(response.status).to eq(404) expect(response).to redirect_to(group_path(group))
end end
end end
end end
......
...@@ -156,14 +156,6 @@ describe UploadsController do ...@@ -156,14 +156,6 @@ describe UploadsController do
end end
context "when the project doesn't have public projects" do context "when the project doesn't have public projects" do
context "when not signed in" do
it "redirects to the sign in page" do
get :show, model: "group", mounted_as: "avatar", id: group.id, filename: "image.png"
expect(response).to redirect_to(new_user_session_path)
end
end
context "when signed in" do context "when signed in" do
before do before do
sign_in(user) sign_in(user)
......
...@@ -68,7 +68,7 @@ describe 'Group access', feature: true do ...@@ -68,7 +68,7 @@ describe 'Group access', feature: true do
it { is_expected.to be_allowed_for group_member(:guest) } it { is_expected.to be_allowed_for group_member(:guest) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_allowed_for :user } it { is_expected.to be_allowed_for :user }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_allowed_for :visitor }
end end
context 'with no projects' do context 'with no projects' do
...@@ -77,8 +77,8 @@ describe 'Group access', feature: true do ...@@ -77,8 +77,8 @@ describe 'Group access', feature: true do
it { is_expected.to be_allowed_for group_member(:reporter) } it { is_expected.to be_allowed_for group_member(:reporter) }
it { is_expected.to be_allowed_for group_member(:guest) } it { is_expected.to be_allowed_for group_member(:guest) }
it { is_expected.to be_allowed_for :admin } it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_denied_for :user } it { is_expected.to be_allowed_for :user }
it { is_expected.to be_denied_for :visitor } it { is_expected.to be_allowed_for :visitor }
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment