Merge branch 'fix-autocomplete-with-public-projects' into 'master'

Fix user autocomplete for unauthenticated users accessing public projects Closes #1955 See merge request !963
author: Hannes Rosenögger <123haynes@gmail.com> 2015-07-11 12:54:09 +0000
committer: Hannes Rosenögger <123haynes@gmail.com> 2015-07-11 12:54:09 +0000
commit: d0b240136a444a61c3c8960cba33f987022fa0f4 (patch)
tree: 8634d24ea62f66d1bbffc411ca0aec9442cd9b48 /app
parent: ddaac5317f99a52db6a039b672301c8b9cd5d2ff (diff)
parent: 0b67d7a0fe79c05681c6e541105350d94fff6931 (diff)
download: gitlab-ce-d0b240136a444a61c3c8960cba33f987022fa0f4.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/app/controllers/autocomplete_controller.rb b/app/controllers/autocomplete_controller.rb
index 11af9895261..8b12643bb97 100644
--- a/app/controllers/autocomplete_controller.rb
+++ b/app/controllers/autocomplete_controller.rb
@@ -1,4 +1,6 @@
 class AutocompleteController < ApplicationController
+  skip_before_action :authenticate_user!, only: [:users]
+
   def users
     @users =
       if params[:project_id].present?
@@ -13,8 +15,10 @@ class AutocompleteController < ApplicationController
         if can?(current_user, :read_group, group)
           group.users
         end
-      else
+      elsif current_user
         User.all
+      else
+        User.none
       end
 
     @users = @users.search(params[:search]) if params[:search].present?
author	Hannes Rosenögger <123haynes@gmail.com>	2015-07-11 12:54:09 +0000
committer	Hannes Rosenögger <123haynes@gmail.com>	2015-07-11 12:54:09 +0000
commit	d0b240136a444a61c3c8960cba33f987022fa0f4 (patch)
tree	8634d24ea62f66d1bbffc411ca0aec9442cd9b48 /app
parent	ddaac5317f99a52db6a039b672301c8b9cd5d2ff (diff)
parent	0b67d7a0fe79c05681c6e541105350d94fff6931 (diff)
download	gitlab-ce-d0b240136a444a61c3c8960cba33f987022fa0f4.tar.gz