2 files changed, 10 insertions, 51 deletions

diff --git a/app/models/user.rb b/app/models/user.rb
index d523b3f0491..20a2457eec9 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -389,40 +389,17 @@ class User < ActiveRecord::Base
     end
   end
 
-  # Returns the groups a user has access to, optionally including any public
-  # groups.
-  #
-  # public_internal - When set to "true" all public groups and groups of public
-  #                   projects are also included.
-  #
-  # Returns an ActiveRecord::Relation
-  def authorized_groups(public_internal = false)
+  # Returns the groups a user has access to
+  def authorized_groups
     union = Gitlab::SQL::Union.
-      new([groups.select(:id), authorized_projects(public_internal).
-           select(:namespace_id)])
-
-    sql = "namespaces.id IN (#{union.to_sql})"
-
-    if public_internal
-      sql << ' OR public IS TRUE'
-    end
+      new([groups.select(:id), authorized_projects.select(:namespace_id)])
 
-    Group.where(sql)
+    Group.where("namespaces.id IN (#{union.to_sql})")
   end
 
   # Returns the groups a user is authorized to access.
-  #
-  # public_internal - When set to "true" all public/internal projects will also
-  #                   be included.
-  def authorized_projects(public_internal = false)
-    base = "projects.id IN (#{projects_union.to_sql})"
-
-    if public_internal
-      Project.where("#{base} OR projects.visibility_level IN (?)",
-                    Project.public_and_internal_levels)
-    else
-      Project.where(base)
-    end
+  def authorized_projects
+    Project.where("projects.id IN (#{projects_union.to_sql})")
   end
 
   def owned_projects
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 71160f8dfef..4631b12faf1 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -762,44 +762,26 @@ describe User do
   describe '#authorized_groups' do
     let!(:user) { create(:user) }
     let!(:private_group) { create(:group) }
-    let!(:public_group) { create(:group, public: true) }
 
     before do
       private_group.add_user(user, Gitlab::Access::MASTER)
     end
 
-    describe 'excluding public groups' do
-      subject { user.authorized_groups }
+    subject { user.authorized_groups }
 
-      it { is_expected.to eq([private_group]) }
-    end
-
-    describe 'including public groups' do
-      subject { user.authorized_groups(true) }
-
-      it { is_expected.to eq([public_group, private_group]) }
-    end
+    it { is_expected.to eq([private_group]) }
   end
 
   describe '#authorized_projects' do
     let!(:user) { create(:user) }
     let!(:private_project) { create(:project, :private) }
-    let!(:public_project) { create(:project, :public) }
 
     before do
       private_project.team << [user, Gitlab::Access::MASTER]
     end
 
-    describe 'excluding public projects' do
-      subject { user.authorized_projects }
+    subject { user.authorized_projects }
 
-      it { is_expected.to eq([private_project]) }
-    end
-
-    describe 'including public projects' do
-      subject { user.authorized_projects(true) }
-
-      it { is_expected.to eq([public_project, private_project]) }
-    end
+    it { is_expected.to eq([private_project]) }
   end
 end