3 files changed, 14 insertions, 30 deletions

diff --git a/app/models/issue.rb b/app/models/issue.rb
index 6ecb3535359..1bdf9c011b2 100644
--- a/app/models/issue.rb
+++ b/app/models/issue.rb
@@ -51,7 +51,7 @@ class Issue < ActiveRecord::Base
   end
 
   def self.visible_to_user(user)
-    return where(confidential: false) if user.blank?
+    return where('issues.confidential IS NULL OR issues.confidential IS FALSE') if user.blank?
     return all if user.admin?
 
     where('
diff --git a/app/models/note.rb b/app/models/note.rb
index 8ce2b6fa538..58133f1581f 100644
--- a/app/models/note.rb
+++ b/app/models/note.rb
@@ -88,22 +88,9 @@ class Note < ActiveRecord::Base
       table   = arel_table
       pattern = "%#{query}%"
 
-      found_notes = joins('LEFT JOIN issues ON issues.id = noteable_id').
-        where(table[:note].matches(pattern))
-
-      if as_user
-        found_notes.where('
-          issues.confidential IS NULL
-          OR issues.confidential IS FALSE
-          OR (issues.confidential IS TRUE
-            AND (issues.author_id = :user_id
-            OR issues.assignee_id = :user_id
-            OR issues.project_id IN(:project_ids)))',
-          user_id: as_user.id,
-          project_ids: as_user.authorized_projects(Gitlab::Access::REPORTER).select(:id))
-      else
-        found_notes.where('issues.confidential IS NULL OR issues.confidential IS FALSE')
-      end
+      Note.joins('LEFT JOIN issues ON issues.id = noteable_id').
+        where(table[:note].matches(pattern)).
+        merge(Issue.visible_to_user(as_user))
     end
   end
 
diff --git a/app/models/user.rb b/app/models/user.rb
index 69c1bf4bc3d..a5b3c8afe51 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -825,19 +825,16 @@ class User < ActiveRecord::Base
   private
 
   def projects_union(min_access_level = nil)
-    relations = if min_access_level
-                  scope = { access_level: Gitlab::Access.values.select { |access| access >= min_access_level } }
-
-                  [personal_projects.select(:id),
-                   groups_projects.where(members: scope).select(:id),
-                   projects.where(members: scope).select(:id),
-                   groups.joins(:shared_projects).where(members: scope).select(:project_id)]
-                else
-                  [personal_projects.select(:id),
-                   groups_projects.select(:id),
-                   projects.select(:id),
-                   groups.joins(:shared_projects).select(:project_id)]
-                end
+    relations = [personal_projects.select(:id),
+                 groups_projects.select(:id),
+                 projects.select(:id),
+                 groups.joins(:shared_projects).select(:project_id)]
+
+
+    if min_access_level
+      scope = { access_level: Gitlab::Access.values.select { |access| access >= min_access_level } }
+      relations = [relations.shift] + relations.map { |relation| relation.where(members: scope) }
+    end
 
     Gitlab::SQL::Union.new(relations)
   end