3 files changed, 11 insertions, 7 deletions

diff --git a/lib/gitlab/asciidoc.rb b/lib/gitlab/asciidoc.rb
index fba80c7132e..96d38f6daa0 100644
--- a/lib/gitlab/asciidoc.rb
+++ b/lib/gitlab/asciidoc.rb
@@ -15,17 +15,17 @@ module Gitlab
     #
     # input         - the source text in Asciidoc format
     #
-    def self.render(input)
+    def self.render(input, context)
       asciidoc_opts = { safe: :secure,
                         backend: :gitlab_html5,
                         attributes: DEFAULT_ADOC_ATTRS }
 
+      context[:pipeline] = :markup
+
       plantuml_setup
 
       html = ::Asciidoctor.convert(input, asciidoc_opts)
-
-      filter = Banzai::Filter::SanitizationFilter.new(html)
-      html = filter.call.to_s
+      html = Banzai.render(html, context)
 
       html.html_safe
     end
diff --git a/lib/gitlab/other_markup.rb b/lib/gitlab/other_markup.rb
index c2adc9aa10b..31a24460f0f 100644
--- a/lib/gitlab/other_markup.rb
+++ b/lib/gitlab/other_markup.rb
@@ -5,12 +5,12 @@ module Gitlab
     #
     # input         - the source text in a markup format
     #
-    def self.render(file_name, input)
+    def self.render(file_name, input, context)
       html = GitHub::Markup.render(file_name, input).
         force_encoding(input.encoding)
+      context[:pipeline] = :markup
 
-      filter = Banzai::Filter::SanitizationFilter.new(html)
-      html = filter.call.to_s
+      html = Banzai.render(html, context)
 
       html.html_safe
     end
diff --git a/lib/gitlab/project_search_results.rb b/lib/gitlab/project_search_results.rb
index 0b8959f2fb9..47cfe412715 100644
--- a/lib/gitlab/project_search_results.rb
+++ b/lib/gitlab/project_search_results.rb
@@ -82,6 +82,8 @@ module Gitlab
     private
 
     def blobs
+      return [] unless Ability.allowed?(@current_user, :download_code, @project)
+
       @blobs ||= begin
         blobs = project.repository.search_files_by_content(query, repository_ref).first(100)
         found_file_names = Set.new
@@ -102,6 +104,8 @@ module Gitlab
     end
 
     def wiki_blobs
+      return [] unless Ability.allowed?(@current_user, :read_wiki, @project)
+
       @wiki_blobs ||= begin
         if project.wiki_enabled? && query.present?
           project_wiki = ProjectWiki.new(project)