Do not require authentication for CI status badge

This changes only deprecated CI badge that we keep for backwards
compatibility. See !3030#note_4041498.

app/controllers/ci/projects_controller.rb

@@ -19,7 +19,6 @@ module Ci
     #
     def badge
       return render_404 unless @project
-      authenticate_user! unless @project.public?
 
       image = Ci::ImageForBuildService.new.execute(@project, params)
       send_file image.path, filename: image.name, disposition: 'inline', type:"image/svg+xml"

spec/controllers/ci/projects_controller_spec.rb

@@ -9,6 +9,14 @@ describe Ci::ProjectsController do
   # Specs for *deprecated* CI badge
   #
   describe '#badge' do
+    shared_examples 'badge provider' do
+      it 'shows badge' do
+        expect(response.status).to eq 200
+        expect(response.headers)
+          .to include('Content-Type' => 'image/svg+xml')
+      end
+    end
+
     context 'user not signed in' do
       before { get(:badge, id: ci_id) }
 
@@ -22,18 +30,12 @@ describe Ci::ProjectsController do
 
       context 'project is public' do
         let(:visibility) { :public }
-
-        it 'is available without authentication' do
-          expect(response.status).to eq 200
-        end
+        it_behaves_like 'badge provider'
       end
 
       context 'project is private' do
         let(:visibility) { :private }
-
-        it 'requires authentication' do
-          expect(response.status).to eq 302
-        end
+        it_behaves_like 'badge provider'
       end
     end
 
@@ -44,10 +46,7 @@ describe Ci::ProjectsController do
 
       context 'private is internal' do
         let(:visibility) { :internal }
-
-        it 'shows badge to signed in user' do
-          expect(response.status).to eq 200
-        end
+        it_behaves_like 'badge provider'
       end
     end
   end