Add latest changes from gitlab-org/security/gitlab@15-1-stable-ee

1 files changed, 11 insertions, 1 deletions

diff --git a/app/finders/ci/runner_jobs_finder.rb b/app/finders/ci/runner_jobs_finder.rb
index 9dc3c2a2427..b659eda6646 100644
--- a/app/finders/ci/runner_jobs_finder.rb
+++ b/app/finders/ci/runner_jobs_finder.rb
@@ -6,13 +6,15 @@ module Ci
 
     ALLOWED_INDEXED_COLUMNS = %w[id].freeze
 
-    def initialize(runner, params = {})
+    def initialize(runner, current_user, params = {})
       @runner = runner
+      @user = current_user
       @params = params
     end
 
     def execute
       items = @runner.builds
+      items = by_permission(items)
       items = by_status(items)
       sort_items(items)
     end
@@ -20,6 +22,14 @@ module Ci
     private
 
     # rubocop: disable CodeReuse/ActiveRecord
+    def by_permission(items)
+      return items if @user.can_read_all_resources?
+
+      items.for_project(@user.authorized_project_mirrors(Gitlab::Access::REPORTER).select(:project_id))
+    end
+    # rubocop: enable CodeReuse/ActiveRecord
+
+    # rubocop: disable CodeReuse/ActiveRecord
     def by_status(items)
       return items unless Ci::HasStatus::AVAILABLE_STATUSES.include?(params[:status])