diff options
author | Jason Hollingsworth <jhworth.developer@gmail.com> | 2014-02-13 14:45:51 -0600 |
---|---|---|
committer | Jason Hollingsworth <jhworth.developer@gmail.com> | 2014-02-20 09:26:38 -0600 |
commit | 2f69213e3f32e2e4222f6335e790e2c778069014 (patch) | |
tree | 3734a9d41d2445a1557ed2f79c6cfa3de7dec215 /app/controllers/users_controller.rb | |
parent | 138e2a50b7d839bd37c21b2849df422f9dfef6bb (diff) | |
download | gitlab-ce-2f69213e3f32e2e4222f6335e790e2c778069014.tar.gz |
Allow access to groups with public projects.
Fixed Group avatars to only display when user has read
permissions to at least one project in the group.
Diffstat (limited to 'app/controllers/users_controller.rb')
-rw-r--r-- | app/controllers/users_controller.rb | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index e86601a439e..9461174b950 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -1,15 +1,15 @@ class UsersController < ApplicationController - skip_before_filter :authenticate_user!, only: [:show] layout :determine_layout def show @user = User.find_by_username!(params[:username]) - @projects = @user.authorized_projects.includes(:namespace).select {|project| can?(current_user, :read_project, project)} + @projects = @user.authorized_projects.accessible_to(current_user) if !current_user && @projects.empty? return authenticate_user! end - @events = @user.recent_events.where(project_id: @projects.map(&:id)).limit(20) + @groups = @user.groups.accessible_to(current_user) + @events = @user.recent_events.where(project_id: @projects.pluck(:id)).limit(20) @title = @user.name end |