Project members with guest role can't access confidential issues

author: Douglas Barbosa Alexandre <dbalexandre@gmail.com> 2016-06-06 16:13:31 -0300
committer: Douglas Barbosa Alexandre <dbalexandre@gmail.com> 2016-06-13 19:32:00 -0300
commit: b56c45675019baaaf47615d51c08d5caa0734ad3 (patch)
tree: b933c21ab49a745a6839aa1127c237ffe7a3a3fb /app/models/note.rb
parent: af8500f43010f42176b2ec1814f0fe7248258b05 (diff)
download: gitlab-ce-b56c45675019baaaf47615d51c08d5caa0734ad3.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/app/models/note.rb b/app/models/note.rb
index 585d8c4ad84..8ce2b6fa538 100644
--- a/app/models/note.rb
+++ b/app/models/note.rb
@@ -100,7 +100,7 @@ class Note < ActiveRecord::Base
             OR issues.assignee_id = :user_id
             OR issues.project_id IN(:project_ids)))',
           user_id: as_user.id,
-          project_ids: as_user.authorized_projects.select(:id))
+          project_ids: as_user.authorized_projects(Gitlab::Access::REPORTER).select(:id))
       else
         found_notes.where('issues.confidential IS NULL OR issues.confidential IS FALSE')
       end
author	Douglas Barbosa Alexandre <dbalexandre@gmail.com>	2016-06-06 16:13:31 -0300
committer	Douglas Barbosa Alexandre <dbalexandre@gmail.com>	2016-06-13 19:32:00 -0300
commit	b56c45675019baaaf47615d51c08d5caa0734ad3 (patch)
tree	b933c21ab49a745a6839aa1127c237ffe7a3a3fb /app/models/note.rb
parent	af8500f43010f42176b2ec1814f0fe7248258b05 (diff)
download	gitlab-ce-b56c45675019baaaf47615d51c08d5caa0734ad3.tar.gz