diff options
author | Stan Hu <stanhu@gmail.com> | 2015-07-10 17:36:24 -0700 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2015-07-10 17:39:58 -0700 |
commit | 0b67d7a0fe79c05681c6e541105350d94fff6931 (patch) | |
tree | a75df25d998c7e46875f5a72eb7a979aea60a3ff /app/controllers/autocomplete_controller.rb | |
parent | 3f5a4ae5e66ba23a16c7a41b27ade196994c5a4c (diff) | |
download | gitlab-ce-0b67d7a0fe79c05681c6e541105350d94fff6931.tar.gz |
Fix user autocomplete for unauthenticated users accessing public projects
Closes #1955
Diffstat (limited to 'app/controllers/autocomplete_controller.rb')
-rw-r--r-- | app/controllers/autocomplete_controller.rb | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/app/controllers/autocomplete_controller.rb b/app/controllers/autocomplete_controller.rb index 11af9895261..8b12643bb97 100644 --- a/app/controllers/autocomplete_controller.rb +++ b/app/controllers/autocomplete_controller.rb @@ -1,4 +1,6 @@ class AutocompleteController < ApplicationController + skip_before_action :authenticate_user!, only: [:users] + def users @users = if params[:project_id].present? @@ -13,8 +15,10 @@ class AutocompleteController < ApplicationController if can?(current_user, :read_group, group) group.users end - else + elsif current_user User.all + else + User.none end @users = @users.search(params[:search]) if params[:search].present? |