authorMark Fletcher <mark@gitlab.com>2017-09-03 13:49:19 +0800
committerMark Fletcher <mark@gitlab.com>2017-09-06 12:02:04 +1000
commited43c6f1fd2c01307c4fe9fb8ba52a7c1a72f624 (patch)
tree140fffd624d2eac0697e903cf13073f0706ec060
parent81002745184df28fc9d969afc524986279c653bb (diff)
downloadgitlab-ce-ed43c6f1fd2c01307c4fe9fb8ba52a7c1a72f624.tar.gz
Hide admin link from default search results for non-admins
-rw-r--r--app/helpers/search_helper.rb11
-rw-r--r--changelogs/unreleased/19650-remove-admin-section-from-search-results-if-user-doesnt-have-access.yml5
-rw-r--r--spec/helpers/search_helper_spec.rb20
3 files changed, 32 insertions, 4 deletions
diff --git a/app/helpers/search_helper.rb b/app/helpers/search_helper.rb
index ae0e0aa3cf9..98e824a8c65 100644
--- a/app/helpers/search_helper.rb
+++ b/app/helpers/search_helper.rb
@@ -10,6 +10,7 @@ module SearchHelper
search_pattern = Regexp.new(Regexp.escape(term), "i")
generic_results = project_autocomplete + default_autocomplete + help_autocomplete
+ generic_results.concat(default_autocomplete_admin) if current_user.admin?
generic_results.select! { |result| result[:label] =~ search_pattern }
[
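Review bot: The added `current_user.admin?` call raises NoMethodError when `current_user` is nil, and the hunk does not show whether `search_autocomplete_opts` returns early for signed-out requests; the method starts above and continues below the visible lines. If no such guard exists, `generic_results.concat(default_autocomplete_admin) if current_user&.admin?` keeps anonymous search working (or `current_user.try(:admin?)` on a Ruby without safe navigation). Hiding the entry only trims the suggestion list, so a short comment here could state that access to the admin area is still enforced by the admin routes themselves, e.g. `# Cosmetic only: admin pages enforce their own authorization`.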
@@ -41,8 +42,14 @@ module SearchHelper
[
{ category: "Settings", label: "User settings", url: profile_path },
{ category: "Settings", label: "SSH Keys", url: profile_keys_path },
- { category: "Settings", label: "Dashboard", url: root_path },
- { category: "Settings", label: "Admin Section", url: admin_root_path }
+ { category: "Settings", label: "Dashboard", url: root_path }
+ ]
+ end
+
+ # Autocomplete results for settings pages, for admins
+ def default_autocomplete_admin
+ [
+ { category: "Settings", label: "Admin Section", url: admin_root_path }
]
end
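Review bot: `default_autocomplete_admin` returns the admin entry unconditionally, so the only thing keeping it from non-admins is the `if current_user.admin?` at the call site in the first hunk; a later caller of this helper would bring the link back for everyone. Either put the check next to the data, with `return [] unless current_user&.admin?` as the method's first line, or make the comment carry the contract: `# Autocomplete results for admin-only settings pages. Callers must check current_user.admin? before showing these.` The preceding `default_autocomplete` method begins above the hunk.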
diff --git a/changelogs/unreleased/19650-remove-admin-section-from-search-results-if-user-doesnt-have-access.yml b/changelogs/unreleased/19650-remove-admin-section-from-search-results-if-user-doesnt-have-access.yml
new file mode 100644
index 00000000000..6d5baa8c10f
--- /dev/null
+++ b/changelogs/unreleased/19650-remove-admin-section-from-search-results-if-user-doesnt-have-access.yml
@@ -0,0 +1,5 @@
+---
+title: Hide admin link from default search results for non-admins
+merge_request: 14015
+author:
+type: fixed
diff --git a/spec/helpers/search_helper_spec.rb b/spec/helpers/search_helper_spec.rb
index 463af15930d..ab647401e14 100644
--- a/spec/helpers/search_helper_spec.rb
+++ b/spec/helpers/search_helper_spec.rb
@@ -17,7 +17,7 @@ describe SearchHelper do
end
end
- context "with a user" do
+ context "with a standard user" do
let(:user) { create(:user) }
before do
@@ -29,7 +29,11 @@ describe SearchHelper do
end
it "includes default sections" do
- expect(search_autocomplete_opts("adm").size).to eq(1)
+ expect(search_autocomplete_opts("dash").size).to eq(1)
+ end
+
+ it "does not include admin sections" do
+ expect(search_autocomplete_opts("admin").size).to eq(0)
end
it "does not allow regular expression in search term" do
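Review bot: The new expectations check only `.size`, so the `eq(1)` for `"dash"` here, and the `eq(1)` for `"admin"` in the 'with an admin user' context added in the last hunk, would pass for any single matching result rather than the intended entry. Asserting on labels pins the behaviour the commit is about: `expect(search_autocomplete_opts("admin").map { |r| r[:label] }).to include("Admin Section")` for admins and `.not_to include("Admin Section")` for standard users. This assumes the helper returns hashes with a `:label` key, as the entries in search_helper.rb suggest. The enclosing context block starts above this hunk.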
@@ -67,6 +71,18 @@ describe SearchHelper do
end
end
end
+
+ context 'with an admin user' do
+ let(:admin) { create(:admin) }
+
+ before do
+ allow(self).to receive(:current_user).and_return(admin)
+ end
+
+ it "includes admin sections" do
+ expect(search_autocomplete_opts("admin").size).to eq(1)
+ end
+ end
end
describe 'search_filter_input_options' do