diff options
author | Michael Kozono <mkozono@gmail.com> | 2017-05-03 15:26:44 -0700 |
---|---|---|
committer | Michael Kozono <mkozono@gmail.com> | 2017-05-05 12:12:49 -0700 |
commit | 0c866f4a575d8127efbf3eafda83d8ccfbd97817 (patch) | |
tree | da00182ea8dbba39cf72ae15b857b40aa84d5342 | |
parent | fc061c2ecd2e292383017c703220bfb22d0d6dce (diff) | |
download | gitlab-ce-0c866f4a575d8127efbf3eafda83d8ccfbd97817.tar.gz |
Resolve discussions
-rw-r--r-- | app/controllers/users_controller.rb | 18 | ||||
-rw-r--r-- | app/models/route.rb | 22 | ||||
-rw-r--r-- | app/models/user.rb | 2 | ||||
-rw-r--r-- | db/migrate/20170503184421_add_index_to_redirect_routes.rb | 5 | ||||
-rw-r--r-- | spec/controllers/users_controller_spec.rb | 18 |
5 files changed, 42 insertions, 23 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index d7c1241698a..67783866c3f 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -3,7 +3,6 @@ class UsersController < ApplicationController skip_before_action :authenticate_user! before_action :user, except: [:exists] - before_action :authorize_read_user!, except: [:exists] def show respond_to do |format| @@ -93,14 +92,17 @@ class UsersController < ApplicationController private - def authorize_read_user! - render_404 unless can?(current_user, :read_user, user) - - ensure_canonical_path(user.namespace, params[:username]) - end - def user - @user ||= User.find_by_full_path(params[:username], follow_redirects: true) + return @user if @user + + @user = User.find_by_full_path(params[:username], follow_redirects: true) + + return render_404 unless @user + return render_404 unless can?(current_user, :read_user, @user) + + ensure_canonical_path(@user.namespace, params[:username]) + + @user end def contributed_projects diff --git a/app/models/route.rb b/app/models/route.rb index accc423ae46..3d798ce937b 100644 --- a/app/models/route.rb +++ b/app/models/route.rb @@ -16,22 +16,22 @@ class Route < ActiveRecord::Base scope :direct_descendant_routes, -> (path) { where('routes.path LIKE ? AND routes.path NOT LIKE ?', "#{sanitize_sql_like(path)}/%", "#{sanitize_sql_like(path)}/%/%") } def rename_direct_descendant_routes - if path_changed? || name_changed? - direct_descendant_routes = self.class.direct_descendant_routes(path_was) + return if !path_changed? && !name_changed? - direct_descendant_routes.each do |route| - attributes = {} + direct_descendant_routes = self.class.direct_descendant_routes(path_was) - if path_changed? && route.path.present? - attributes[:path] = route.path.sub(path_was, path) - end + direct_descendant_routes.each do |route| + attributes = {} - if name_changed? && name_was.present? && route.name.present? - attributes[:name] = route.name.sub(name_was, name) - end + if path_changed? && route.path.present? + attributes[:path] = route.path.sub(path_was, path) + end - route.update(attributes) unless attributes.empty? + if name_changed? && name_was.present? && route.name.present? + attributes[:name] = route.name.sub(name_was, name) end + + route.update(attributes) unless attributes.empty? end end diff --git a/app/models/user.rb b/app/models/user.rb index c6354b989ad..7da92d03427 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -335,7 +335,7 @@ class User < ActiveRecord::Base def find_by_full_path(path, follow_redirects: false) namespace = Namespace.find_by_full_path(path, follow_redirects: follow_redirects) - namespace.owner if namespace && namespace.owner + namespace&.owner end def reference_prefix diff --git a/db/migrate/20170503184421_add_index_to_redirect_routes.rb b/db/migrate/20170503184421_add_index_to_redirect_routes.rb index 5991f6ab6a1..9062cf19a73 100644 --- a/db/migrate/20170503184421_add_index_to_redirect_routes.rb +++ b/db/migrate/20170503184421_add_index_to_redirect_routes.rb @@ -1,7 +1,6 @@ # See http://doc.gitlab.com/ce/development/migration_style_guide.html # for more information on how to write migrations for GitLab. -# rubocop:disable RemoveIndex class AddIndexToRedirectRoutes < ActiveRecord::Migration include Gitlab::Database::MigrationHelpers @@ -16,7 +15,7 @@ class AddIndexToRedirectRoutes < ActiveRecord::Migration end def down - remove_index(:redirect_routes, :path) if index_exists?(:redirect_routes, :path) - remove_index(:redirect_routes, [:source_type, :source_id]) if index_exists?(:redirect_routes, [:source_type, :source_id]) + remove_concurrent_index(:redirect_routes, :path) if index_exists?(:redirect_routes, :path) + remove_concurrent_index(:redirect_routes, [:source_type, :source_id]) if index_exists?(:redirect_routes, [:source_type, :source_id]) end end diff --git a/spec/controllers/users_controller_spec.rb b/spec/controllers/users_controller_spec.rb index 73fd5b6f90d..73f448d69ed 100644 --- a/spec/controllers/users_controller_spec.rb +++ b/spec/controllers/users_controller_spec.rb @@ -84,6 +84,24 @@ describe UsersController do expect(response).to redirect_to(user) end end + + context 'when a user by that username does not exist' do + context 'when logged out' do + it 'renders 404 (does not redirect to login)' do + get :show, username: 'nonexistent' + expect(response).to have_http_status(404) + end + end + + context 'when logged in' do + before { sign_in(user) } + + it 'renders 404' do + get :show, username: 'nonexistent' + expect(response).to have_http_status(404) + end + end + end end describe 'GET #calendar' do |