From ef1811f4bc211929997a5b8cc1ecd511b52ca6f4 Mon Sep 17 00:00:00 2001
From: Toon Claes <toon@gitlab.com>
Date: Tue, 13 Jun 2017 09:11:33 +0200
Subject: Subgroups page should show groups authorized through inheritance

When a user is authorized to a group, they are also authorized to see all the
ancestor groups and descendant groups.

When a user is authorized to a project, they are authorized to see all the
ancestor groups too.

Closes #32135

See merge request !11764
---
 app/finders/groups_finder.rb | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'app/finders')

diff --git a/app/finders/groups_finder.rb b/app/finders/groups_finder.rb
index f68610e197c..cb4ab6eacc1 100644
--- a/app/finders/groups_finder.rb
+++ b/app/finders/groups_finder.rb
@@ -16,7 +16,11 @@ class GroupsFinder < UnionFinder
   def all_groups
     groups = []
 
-    groups << current_user.authorized_groups if current_user
+    if current_user
+      groups_for_ancestors = find_union([current_user.authorized_groups, authorized_project_groups], Group)
+      groups_for_descendants = current_user.authorized_groups
+      groups << Gitlab::GroupHierarchy.new(groups_for_ancestors, groups_for_descendants).all_groups
+    end
     groups << Group.unscoped.public_to_user(current_user)
 
     groups
-- 
cgit v1.2.1