Commit b35d5a6a authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'public_profiles' into 'master'

Make all group public

https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/1219#

Internal issue - https://dev.gitlab.org/gitlab/gitlabhq/issues/1361

See merge request !1247
parents c0c314c6 3e97de83
......@@ -32,7 +32,7 @@ v 8.0.0 (unreleased)
- Fix 500 error when submit project snippet without body
- Improve search page usability
- Bring more UI consistency in way how projects, snippets and groups lists are rendered
- Make all profiles public
- Make all profiles and group public
- Fixed login failure when extern_uid changes (Joel Koglin)
- Don't notify users without access to the project when they are (accidentally) mentioned in a note.
- Retrieving oauth token with LDAP credentials
......
......@@ -152,7 +152,6 @@
}
.collapse-nav a {
left: 0px;
width: $sidebar_collapsed_width;
}
......@@ -171,6 +170,7 @@
width: $sidebar_width;
position: fixed;
bottom: 0;
left: 0;
font-size: 13px;
background: transparent;
height: 40px;
......
......@@ -4,7 +4,7 @@ class GroupsController < Groups::ApplicationController
before_action :group, except: [:new, :create]
# Authorize
before_action :authorize_read_group!, except: [:new, :create]
before_action :authorize_read_group!, except: [:show, :new, :create]
before_action :authorize_admin_group!, only: [:edit, :update, :destroy, :projects]
before_action :authorize_create_group!, only: [:new, :create]
......
......@@ -14,7 +14,7 @@ class NamespacesController < ApplicationController
if user
redirect_to user_path(user)
elsif group && can?(current_user, :read_group, group)
elsif group
redirect_to group_path(group)
elsif current_user.nil?
authenticate_user!
......
- unless can?(current_user, :read_group, @group)
- @disable_search_panel = true
= content_for :meta_tags do
- if current_user
= auto_discovery_link_tag(:atom, group_url(@group, format: :atom, private_token: current_user.private_token), title: "#{@group.name} activity")
......@@ -16,13 +19,13 @@
= render 'shared/show_aside'
- if can?(current_user, :read_group, @group)
.row
%section.activities.col-md-7
.hidden-xs
- if current_user
= render "events/event_last_push", event: @last_push
- if current_user
%ul.nav.nav-pills.event_filter.pull-right
%li
= link_to group_path(@group, { format: :atom, private_token: current_user.private_token }), title: "Feed", class: 'rss-btn' do
......@@ -35,3 +38,6 @@
= spinner
%aside.side.col-md-5
= render "projects", projects: @projects
- else
%p
This group does not have public projects
......@@ -7,6 +7,7 @@
.navbar-collapse.collapse
%ul.nav.navbar-nav.pull-right
- unless @disable_search_panel
%li.hidden-sm.hidden-xs
= render 'layouts/search'
%li.visible-sm.visible-xs
......
......@@ -12,6 +12,7 @@
= icon('dashboard fw')
%span
Group
- if can?(current_user, :read_group, @group)
- if current_user
= nav_link(controller: [:group, :milestones]) do
= link_to group_milestones_path(@group), title: 'Milestones', data: {placement: 'right'} do
......
......@@ -3,20 +3,6 @@ Feature: Explore Groups
Background:
Given group "TestGroup" has private project "Enterprise"
Scenario: I should not see group with private projects as visitor
When I visit group "TestGroup" page
Then I should be redirected to sign in page
Scenario: I should not see group with private projects group as user
When I sign in as a user
And I visit group "TestGroup" page
Then page status code should be 404
Scenario: I should not see group with private and internal projects as visitor
Given group "TestGroup" has internal project "Internal"
When I visit group "TestGroup" page
Then I should be redirected to sign in page
Scenario: I should see group with private and internal projects as user
Given group "TestGroup" has internal project "Internal"
When I sign in as a user
......
......@@ -159,3 +159,14 @@ Feature: Groups
When I visit group "Owned" projects page
Then I should see group "Owned" projects list
And I should see "archived" label
# Public group
@javascript
Scenario: Signed out user should see group
Given "Mary Jane" is owner of group "Owned"
And I am a signed out user
And Group "Owned" has a public project "Public-project"
When I visit group "Owned" page
Then I should see group "Owned"
Then I should see project "Public-project"
......@@ -17,6 +17,26 @@ class Spinach::Features::Groups < Spinach::FeatureSteps
find(:css, 'button.btn-new').click
end
step 'I should see group "Owned"' do
expect(page).to have_content '@owned'
end
step 'I am a signed out user' do
logout
end
step 'Group "Owned" has a public project "Public-project"' do
group = Group.find_by(name: "Owned")
@project = create :empty_project, :public,
group: group,
name: "Public-project"
end
step 'I should see project "Public-project"' do
expect(page).to have_content 'Public-project'
end
step 'I select "Mike" as "Reporter"' do
user = User.find_by(name: "Mike")
......
......@@ -46,13 +46,11 @@ describe NamespacesController do
context "when the project doesn't have public projects" do
context "when not signed in" do
it "redirects to the sign in page" do
it "does not redirect to the sign in page" do
get :show, id: group.path
expect(response).to redirect_to(new_user_session_path)
expect(response).not_to redirect_to(new_user_session_path)
end
end
context "when signed in" do
before do
sign_in(user)
......@@ -86,10 +84,10 @@ describe NamespacesController do
end
context "when the user doesn't have access to the project" do
it "responds with status 404" do
it "redirects to the group's page" do
get :show, id: group.path
expect(response.status).to eq(404)
expect(response).to redirect_to(group_path(group))
end
end
end
......
......@@ -156,14 +156,6 @@ describe UploadsController do
end
context "when the project doesn't have public projects" do
context "when not signed in" do
it "redirects to the sign in page" do
get :show, model: "group", mounted_as: "avatar", id: group.id, filename: "image.png"
expect(response).to redirect_to(new_user_session_path)
end
end
context "when signed in" do
before do
sign_in(user)
......
......@@ -68,7 +68,7 @@ describe 'Group access', feature: true do
it { is_expected.to be_allowed_for group_member(:guest) }
it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_allowed_for :user }
it { is_expected.to be_denied_for :visitor }
it { is_expected.to be_allowed_for :visitor }
end
context 'with no projects' do
......@@ -77,8 +77,8 @@ describe 'Group access', feature: true do
it { is_expected.to be_allowed_for group_member(:reporter) }
it { is_expected.to be_allowed_for group_member(:guest) }
it { is_expected.to be_allowed_for :admin }
it { is_expected.to be_denied_for :user }
it { is_expected.to be_denied_for :visitor }
it { is_expected.to be_allowed_for :user }
it { is_expected.to be_allowed_for :visitor }
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment