Merge branch 'snippets-finder-visibility' into 'security'

Refactor snippets finder & dont return internal snippets for external users See merge request !2094
author: Douwe Maan <douwe@gitlab.com> 2017-04-28 22:06:27 +0000
committer: Bob Van Landuyt <bob@gitlab.com> 2017-05-10 16:48:18 +0200
commit: ad309f5d110ebf8859b2e7196c7a1d0b039c0d7c (patch)
tree: 68e378c1c60578b73f3508b48fea343db0c6a762 /app/controllers/snippets_controller.rb
parent: 576e244b6c017dcda2d2d848670ec3b60db63409 (diff)
download: gitlab-ce-ad309f5d110ebf8859b2e7196c7a1d0b039c0d7c.tar.gz
1 files changed, 2 insertions, 6 deletions
diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb
index 656a365b701..7445f61195d 100644
--- a/app/controllers/snippets_controller.rb
+++ b/app/controllers/snippets_controller.rb
@@ -27,12 +27,8 @@ class SnippetsController < ApplicationController
 
       return render_404 unless @user
 
-      @snippets = SnippetsFinder.new.execute(current_user, {
-        filter: :by_user,
-        user: @user,
-        scope: params[:scope]
-      })
-      .page(params[:page])
+      @snippets = SnippetsFinder.new(current_user, author: @user, scope: params[:scope])
+        .execute.page(params[:page])
 
       render 'index'
     else
author	Douwe Maan <douwe@gitlab.com>	2017-04-28 22:06:27 +0000
committer	Bob Van Landuyt <bob@gitlab.com>	2017-05-10 16:48:18 +0200
commit	ad309f5d110ebf8859b2e7196c7a1d0b039c0d7c (patch)
tree	68e378c1c60578b73f3508b48fea343db0c6a762 /app/controllers/snippets_controller.rb
parent	576e244b6c017dcda2d2d848670ec3b60db63409 (diff)
download	gitlab-ce-ad309f5d110ebf8859b2e7196c7a1d0b039c0d7c.tar.gz