diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-09 21:09:19 +0000 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-04-09 21:09:19 +0000 |
| commit | 254ec28f5448f6f353cd98f637985de3d1405854 (patch) | |
| tree | 1c84ed7b7dd32db96454af034cd6c7e90699e76d /app/services | |
| parent | 141902c04943d5fb43c014b8cf42af60a3bc0cdf (diff) | |
| download | gitlab-ce-254ec28f5448f6f353cd98f637985de3d1405854.tar.gz | |
Add latest changes from gitlab-org/gitlab@master
Diffstat (limited to 'app/services')
| -rw-r--r-- | app/services/search_service.rb | 26 |
1 files changed, 7 insertions, 19 deletions
diff --git a/app/services/search_service.rb b/app/services/search_service.rb index 75cd6c78a52..c96599f9958 100644 --- a/app/services/search_service.rb +++ b/app/services/search_service.rb @@ -3,11 +3,6 @@ class SearchService include Gitlab::Allowable - REDACTABLE_RESULTS = [ - ActiveRecord::Relation, - Gitlab::Search::FoundBlob - ].freeze - SEARCH_TERM_LIMIT = 64 SEARCH_CHAR_LIMIT = 4096 @@ -68,10 +63,6 @@ class SearchService @search_objects ||= redact_unauthorized_results(search_results.objects(scope, params[:page])) end - def redactable_results - REDACTABLE_RESULTS - end - private def visible_result?(object) @@ -80,12 +71,9 @@ class SearchService Ability.allowed?(current_user, :"read_#{object.to_ability_name}", object) end - def redact_unauthorized_results(results) - return results unless redactable_results.any? { |redactable| results.is_a?(redactable) } - - permitted_results = results.select do |object| - visible_result?(object) - end + def redact_unauthorized_results(results_collection) + results = results_collection.to_a + permitted_results = results.select { |object| visible_result?(object) } filtered_results = (results - permitted_results).each_with_object({}) do |object, memo| memo[object.id] = { ability: :"read_#{object.to_ability_name}", id: object.id, class_name: object.class.name } @@ -93,13 +81,13 @@ class SearchService log_redacted_search_results(filtered_results.values) if filtered_results.any? - return results.id_not_in(filtered_results.keys) if results.is_a?(ActiveRecord::Relation) + return results_collection.id_not_in(filtered_results.keys) if results_collection.is_a?(ActiveRecord::Relation) Kaminari.paginate_array( permitted_results, - total_count: results.total_count, - limit: results.limit_value, - offset: results.offset_value + total_count: results_collection.total_count, + limit: results_collection.limit_value, + offset: results_collection.offset_value ) end |