Send only to users have :read_build access, feedback:

https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/6342#note_17193335

3 files changed, 13 insertions, 4 deletions

diff --git a/app/policies/ci/build_policy.rb b/app/policies/ci/build_policy.rb
index 2232e231cf8..8b25332b73c 100644
--- a/app/policies/ci/build_policy.rb
+++ b/app/policies/ci/build_policy.rb
@@ -5,7 +5,7 @@ module Ci
 
       # If we can't read build we should also not have that
       # ability when looking at this in context of commit_status
-      %w(read create update admin).each do |rule|
+      %w[read create update admin].each do |rule|
         cannot! :"#{rule}_commit_status" unless can? :"#{rule}_build"
       end
     end
diff --git a/app/policies/ci/pipeline_policy.rb b/app/policies/ci/pipeline_policy.rb
new file mode 100644
index 00000000000..3d2eef1c50c
--- /dev/null
+++ b/app/policies/ci/pipeline_policy.rb
@@ -0,0 +1,4 @@
+module Ci
+  class PipelinePolicy < BuildPolicy
+  end
+end
diff --git a/app/services/notification_service.rb b/app/services/notification_service.rb
index 2cc9a9fd7bf..f48255b2e6c 100644
--- a/app/services/notification_service.rb
+++ b/app/services/notification_service.rb
@@ -489,9 +489,14 @@ class NotificationService
   end
 
   def reject_users_without_access(recipients, target)
-    return recipients unless target.is_a?(Issuable)
-
-    ability = :"read_#{target.to_ability_name}"
+    ability = case target
+              when Issuable
+                :"read_#{target.to_ability_name}"
+              when Ci::Pipeline
+                :read_build # We have build trace in pipeline emails
+              end
+
+    return recipients unless ability
 
     recipients.select do |user|
       user.can?(ability, target)