Spec instance statistics

3 files changed, 7 insertions, 3 deletions

diff --git a/app/controllers/instance_statistics/application_controller.rb b/app/controllers/instance_statistics/application_controller.rb
index 85b28a6080d..a273dde105c 100644
--- a/app/controllers/instance_statistics/application_controller.rb
+++ b/app/controllers/instance_statistics/application_controller.rb
@@ -1,10 +1,10 @@
 # frozen_string_literal: true
 
 class InstanceStatistics::ApplicationController < ApplicationController
-  before_action :authenticate_user!
+  before_action :authorize_read_instance_statistics!
   layout 'instance_statistics'
 
-  def authenticate_user!
+  def authorize_read_instance_statistics!
     render_404 unless can?(current_user, :read_instance_statistics)
   end
 end
diff --git a/app/controllers/instance_statistics/cohorts_controller.rb b/app/controllers/instance_statistics/cohorts_controller.rb
index 77d09c198c8..7eba0a5ecdd 100644
--- a/app/controllers/instance_statistics/cohorts_controller.rb
+++ b/app/controllers/instance_statistics/cohorts_controller.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class InstanceStatistics::CohortsController < InstanceStatistics::ApplicationController
   def index
     if Gitlab::CurrentSettings.usage_ping_enabled
diff --git a/app/policies/global_policy.rb b/app/policies/global_policy.rb
index bf146dc375b..16c58730878 100644
--- a/app/policies/global_policy.rb
+++ b/app/policies/global_policy.rb
@@ -20,7 +20,9 @@ class GlobalPolicy < BasePolicy
   end
 
   condition(:private_instance_statistics, score: 0) { Gitlab::CurrentSettings.instance_statistics_visibility_private? }
-  rule { admin | ~private_instance_statistics }.enable :read_instance_statistics
+
+  rule { admin | (~private_instance_statistics & ~anonymous) }
+    .enable :read_instance_statistics
 
   rule { anonymous }.policy do
     prevent :log_in