summaryrefslogtreecommitdiff
path: root/app/controllers/autocomplete_controller.rb
diff options
context:
space:
mode:
authorStan Hu <stanhu@gmail.com>2015-07-10 17:36:24 -0700
committerStan Hu <stanhu@gmail.com>2015-07-10 17:39:58 -0700
commit0b67d7a0fe79c05681c6e541105350d94fff6931 (patch)
treea75df25d998c7e46875f5a72eb7a979aea60a3ff /app/controllers/autocomplete_controller.rb
parent3f5a4ae5e66ba23a16c7a41b27ade196994c5a4c (diff)
downloadgitlab-ce-0b67d7a0fe79c05681c6e541105350d94fff6931.tar.gz
Fix user autocomplete for unauthenticated users accessing public projects
Closes #1955
Diffstat (limited to 'app/controllers/autocomplete_controller.rb')
-rw-r--r--app/controllers/autocomplete_controller.rb6
1 files changed, 5 insertions, 1 deletions
diff --git a/app/controllers/autocomplete_controller.rb b/app/controllers/autocomplete_controller.rb
index 11af9895261..8b12643bb97 100644
--- a/app/controllers/autocomplete_controller.rb
+++ b/app/controllers/autocomplete_controller.rb
@@ -1,4 +1,6 @@
class AutocompleteController < ApplicationController
+ skip_before_action :authenticate_user!, only: [:users]
+
def users
@users =
if params[:project_id].present?
@@ -13,8 +15,10 @@ class AutocompleteController < ApplicationController
if can?(current_user, :read_group, group)
group.users
end
- else
+ elsif current_user
User.all
+ else
+ User.none
end
@users = @users.search(params[:search]) if params[:search].present?
View Lorry Controller Status