authorSean McGivern <sean@gitlab.com>2017-07-24 11:35:54 +0100
committerSean McGivern <sean@gitlab.com>2017-07-24 16:58:04 +0100
commitccac2abeba419f16029c40f29063f1812c9e159c (patch)
tree975ca2e9f3fc91fae1ce0c775c8c267256fa7480 /app
parentf81ed493e1f02e5a197df3e2df9c5e42cb09e7ff (diff)
downloadgitlab-ce-ccac2abeba419f16029c40f29063f1812c9e159c.tar.gz
Don't treat anonymous users as owners when group has pending invites
The `members` table can have entries where `user_id: nil`, because people can invite group members by email. We never want to include those as members, because it might cause confusion with the anonymous (logged out) user.
Diffstat (limited to 'app')
-rw-r--r--app/models/group.rb6
-rw-r--r--app/policies/project_policy.rb3
2 files changed, 7 insertions, 2 deletions
diff --git a/app/models/group.rb b/app/models/group.rb
index dfa4e8adedd..bd5735ed82e 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -167,10 +167,14 @@ class Group < Namespace
end
def has_owner?(user)
+ return false unless user
+
members_with_parents.owners.where(user_id: user).any?
end
def has_master?(user)
+ return false unless user
+
members_with_parents.masters.where(user_id: user).any?
end
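Review bot: The two `return false unless user` guards in `has_owner?` and `has_master?` have no comment saying why a nil user matters, so a later cleanup could remove them as redundant. Per the commit description, `members` rows created by email invites have `user_id: nil`, which `where(user_id: user)` would match for a logged-out user. I would add above each guard `# a nil (anonymous) user must never match pending email invites, whose user_id is NULL`. Other lookups on this table that pass a possibly-nil user into `where(user_id: ...)` are outside this hunk and may need the same guard.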
@@ -212,7 +216,7 @@ class Group < Namespace
end
def members_with_parents
- GroupMember.non_request.where(source_id: ancestors.pluck(:id).push(id))
+ GroupMember.active.where(source_id: ancestors.pluck(:id).push(id)).where.not(user_id: nil)
end
def users_with_parents
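Review bot: The scope change from `non_request` to `active` in `members_with_parents` is not mentioned in the commit description, and neither scope's definition is visible on this page. A reader therefore cannot tell what else the new query excludes, or why `.where.not(user_id: nil)` is still needed after it. A short comment would settle it, e.g. `# exclude pending email invites (user_id IS NULL) so they never count as members`, and the chain is long enough to split across two lines. Any caller that relied on this method to list invited-but-unregistered members would now lose them, which is presumably intended but worth confirming.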
diff --git a/app/policies/project_policy.rb b/app/policies/project_policy.rb
index d27bbf2948c..0133091db57 100644
--- a/app/policies/project_policy.rb
+++ b/app/policies/project_policy.rb
@@ -10,7 +10,8 @@ class ProjectPolicy < BasePolicy
desc "User is a project owner"
condition :owner do
- @user && project.owner == @user || (project.group && project.group.has_owner?(@user))
+ (project.owner.present? && project.owner == @user) ||
+ project.group&.has_owner?(@user)
end
desc "Project has public builds enabled"
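Review bot: The `owner` condition no longer checks `@user` itself, so for an anonymous user the second clause is safe only because `Group#has_owner?` now returns false for nil, a guard that lives in another file. Making the policy fail closed on its own would stop an authorization decision from depending on a model-level detail: `@user.present? && (project.owner == @user || project.group&.has_owner?(@user))`. For a signed-in user this evaluates the same as the new lines, since `project.owner == @user` is already false when the owner is nil. When the project has no group the block yields nil rather than false, which is fine only if the policy framework treats the result as truthy/falsy.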