Merge branch 'security-fix-something-went-wrong-on-when-not-logged-in-ce-12-0' into '12-0-stable'

Return NO_ACCESS if user is nil See merge request gitlab/gitlabhq!3388
author: GitLab Release Tools Bot <robert+release-tools@gitlab.com> 2019-08-28 15:07:49 +0000
committer: GitLab Release Tools Bot <robert+release-tools@gitlab.com> 2019-08-28 15:07:49 +0000
commit: 1b4a88f0187fcaa4310ecbe889af294956cc03cf (patch)
tree: 6e1299bc664e92617d11ab67af966f1ab228e504
parent: 7321d0ab5ef6c8eef814e57c623f46120ca6d17e (diff)
parent: e15a6bc1cc3eb9b3670d2b42813c634117e7b04d (diff)
download: gitlab-ce-1b4a88f0187fcaa4310ecbe889af294956cc03cf.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/app/models/group.rb b/app/models/group.rb
index dbec211935d..fac41e6ba44 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -356,6 +356,8 @@ class Group < Namespace
   end
 
   def max_member_access_for_user(user)
+    return GroupMember::NO_ACCESS unless user
+
     return GroupMember::OWNER if user.admin?
 
     members_with_parents
author	GitLab Release Tools Bot <robert+release-tools@gitlab.com>	2019-08-28 15:07:49 +0000
committer	GitLab Release Tools Bot <robert+release-tools@gitlab.com>	2019-08-28 15:07:49 +0000
commit	1b4a88f0187fcaa4310ecbe889af294956cc03cf (patch)
tree	6e1299bc664e92617d11ab67af966f1ab228e504
parent	7321d0ab5ef6c8eef814e57c623f46120ca6d17e (diff)
parent	e15a6bc1cc3eb9b3670d2b42813c634117e7b04d (diff)
download	gitlab-ce-1b4a88f0187fcaa4310ecbe889af294956cc03cf.tar.gz