summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJames Lopez <james@gitlab.com>2018-01-19 07:35:34 +0000
committerJames Lopez <james@gitlab.com>2018-01-19 07:35:34 +0000
commita1c0964d7170a98214c37e1a45ce8223c83a33f5 (patch)
treeae92be261cf27498776783570816265d0377470a
parent43538018261a5d1cccefecae895fad9e74adb1db (diff)
parent795e546b1c3c2433c046ffa517c0569a6c9ccdd0 (diff)
downloadgitlab-ce-a1c0964d7170a98214c37e1a45ce8223c83a33f5.tar.gz
Merge branch '34055-issues-enabled-filter-misbehavior' into 'master'
Resolve "Projects API: filter 'with_issues_enabled=true' returns projects with 'issues_enabled=false'" Closes #34055 See merge request gitlab-org/gitlab-ce!12724
-rw-r--r--app/models/project.rb1
-rw-r--r--changelogs/unreleased/34055-issues-enabled-filter-misbehavior.yml6
-rw-r--r--lib/api/projects.rb4
-rw-r--r--spec/requests/api/projects_spec.rb26
4 files changed, 35 insertions, 2 deletions
diff --git a/app/models/project.rb b/app/models/project.rb
index 4017864f718..5d0e61ecaa7 100644
--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -314,6 +314,7 @@ class Project < ActiveRecord::Base
scope :with_builds_enabled, -> { with_feature_enabled(:builds) }
scope :with_issues_enabled, -> { with_feature_enabled(:issues) }
+ scope :with_issues_available_for_user, ->(current_user) { with_feature_available_for_user(:issues, current_user) }
scope :with_merge_requests_enabled, -> { with_feature_enabled(:merge_requests) }
enum auto_cancel_pending_pipelines: { disabled: 0, enabled: 1 }
diff --git a/changelogs/unreleased/34055-issues-enabled-filter-misbehavior.yml b/changelogs/unreleased/34055-issues-enabled-filter-misbehavior.yml
new file mode 100644
index 00000000000..09e2af1e4d3
--- /dev/null
+++ b/changelogs/unreleased/34055-issues-enabled-filter-misbehavior.yml
@@ -0,0 +1,6 @@
+---
+title: Fix the Projects API with_issues_enabled filter behaving incorrectly
+ any user
+merge_request: 12724
+author: Jan Christophersen
+type: fixed
diff --git a/lib/api/projects.rb b/lib/api/projects.rb
index 653126e79ea..8b5e4f8edcc 100644
--- a/lib/api/projects.rb
+++ b/lib/api/projects.rb
@@ -76,9 +76,9 @@ module API
def present_projects(projects, options = {})
projects = reorder_projects(projects)
- projects = projects.with_statistics if params[:statistics]
- projects = projects.with_issues_enabled if params[:with_issues_enabled]
+ projects = projects.with_issues_available_for_user(current_user) if params[:with_issues_enabled]
projects = projects.with_merge_requests_enabled if params[:with_merge_requests_enabled]
+ projects = projects.with_statistics if params[:statistics]
projects = paginate(projects)
if current_user
diff --git a/spec/requests/api/projects_spec.rb b/spec/requests/api/projects_spec.rb
index de1763015fa..97e7ffcd38e 100644
--- a/spec/requests/api/projects_spec.rb
+++ b/spec/requests/api/projects_spec.rb
@@ -150,6 +150,19 @@ describe API::Projects do
expect(json_response.find { |hash| hash['id'] == project.id }.keys).not_to include('open_issues_count')
end
+ context 'and with_issues_enabled=true' do
+ it 'only returns projects with issues enabled' do
+ project.project_feature.update_attribute(:issues_access_level, ProjectFeature::DISABLED)
+
+ get api('/projects?with_issues_enabled=true', user)
+
+ expect(response.status).to eq 200
+ expect(response).to include_pagination_headers
+ expect(json_response).to be_an Array
+ expect(json_response.map { |p| p['id'] }).not_to include(project.id)
+ end
+ end
+
it "does not include statistics by default" do
get api('/projects', user)
@@ -352,6 +365,19 @@ describe API::Projects do
let(:current_user) { user2 }
let(:projects) { [public_project] }
end
+
+ context 'and with_issues_enabled=true' do
+ it 'does not return private issue projects' do
+ project.project_feature.update_attribute(:issues_access_level, ProjectFeature::PRIVATE)
+
+ get api('/projects?with_issues_enabled=true', user2)
+
+ expect(response.status).to eq 200
+ expect(response).to include_pagination_headers
+ expect(json_response).to be_an Array
+ expect(json_response.map { |p| p['id'] }).not_to include(project.id)
+ end
+ end
end
context 'when authenticated as admin' do