diff options
author | Hannes Rosenögger <123haynes@gmail.com> | 2015-07-11 12:54:09 +0000 |
---|---|---|
committer | Hannes Rosenögger <123haynes@gmail.com> | 2015-07-11 12:54:09 +0000 |
commit | d0b240136a444a61c3c8960cba33f987022fa0f4 (patch) | |
tree | 8634d24ea62f66d1bbffc411ca0aec9442cd9b48 /app | |
parent | ddaac5317f99a52db6a039b672301c8b9cd5d2ff (diff) | |
parent | 0b67d7a0fe79c05681c6e541105350d94fff6931 (diff) | |
download | gitlab-ce-d0b240136a444a61c3c8960cba33f987022fa0f4.tar.gz |
Merge branch 'fix-autocomplete-with-public-projects' into 'master'
Fix user autocomplete for unauthenticated users accessing public projects
Closes #1955
See merge request !963
Diffstat (limited to 'app')
-rw-r--r-- | app/controllers/autocomplete_controller.rb | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/app/controllers/autocomplete_controller.rb b/app/controllers/autocomplete_controller.rb index 11af9895261..8b12643bb97 100644 --- a/app/controllers/autocomplete_controller.rb +++ b/app/controllers/autocomplete_controller.rb @@ -1,4 +1,6 @@ class AutocompleteController < ApplicationController + skip_before_action :authenticate_user!, only: [:users] + def users @users = if params[:project_id].present? @@ -13,8 +15,10 @@ class AutocompleteController < ApplicationController if can?(current_user, :read_group, group) group.users end - else + elsif current_user User.all + else + User.none end @users = @users.search(params[:search]) if params[:search].present? |