Add definition of before action that has been moved

Closes #14528

CHANGELOG

@@ -7,6 +7,7 @@ v 8.7.0 (unreleased)
 
 v 8.6.2 (unreleased)
   - Comments on confidential issues don't show up in activity feed to non-members
+  - Fix NoMethodError when visiting CI root path at `/ci`
 
 v 8.6.1
   - Add option to reload the schema before restoring a database backup. !2807

app/controllers/ci/projects_controller.rb

 module Ci
   class ProjectsController < Ci::ApplicationController
     before_action :project
-    before_action :authorize_read_project!, except: [:badge]
     before_action :no_cache, only: [:badge]
+    before_action :authorize_read_project!, except: [:badge, :index]
     skip_before_action :authenticate_user!, only: [:badge]
     protect_from_forgery
 
@@ -35,5 +35,9 @@ module Ci
       response.headers["Pragma"] = "no-cache"
       response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT"
     end
+
+    def authorize_read_project!
+      return access_denied! unless can?(current_user, :read_project, project)
+    end
   end
 end

spec/controllers/ci/projects_controller_spec.rb

@@ -5,6 +5,16 @@ describe Ci::ProjectsController do
   let!(:project) { create(:project, visibility, ci_id: 1) }
   let(:ci_id) { project.ci_id }
 
+  describe '#index' do
+    let(:user) { create(:user) }
+    before { sign_in(user) }
+    before { get(:index) }
+
+    it 'returns 200' do
+      expect(response.status).to eq 200
+    end
+  end
+
   ##
   # Specs for *deprecated* CI badge
   #