Merge branch '30917-wiki-is-not-searchable-with-guest-permissions' into 'master'

Resolve "Wiki is not searchable with Guest permissions" Closes #30917 See merge request !11613

Merge branch '30917-wiki-is-not-searchable-with-guest-permissions' into 'master'
Resolve "Wiki is not searchable with Guest permissions" Closes #30917 See merge request !11613
08a17d15 · Douwe Maan · fd2993b5 · be9ffbaf · 08a17d15 · 08a17d15
Commit 08a17d15 authored May 29, 2017 by Douwe Maan
6 changed files
--- a/app/helpers/projects_helper.rb
+++ b/app/helpers/projects_helper.rb
@@ -85,6 +85,12 @@ module ProjectsHelper
    @nav_tabs ||= get_project_nav_tabs(@project, current_user)
  end

+  def project_search_tabs?(tab)
+    abilities = Array(search_tab_ability_map[tab])
+
+    abilities.any? { |ability| can?(current_user, ability, @project) }
+  end
+
  def project_nav_tab?(name)
    project_nav_tabs.include? name
  end
@@ -204,7 +210,17 @@ module ProjectsHelper
      nav_tabs << :container_registry
    end

-    tab_ability_map = {
+    tab_ability_map.each do |tab, ability|
+      if can?(current_user, ability, project)
+        nav_tabs << tab
+      end
+    end
+
+    nav_tabs.flatten
+  end
+
+  def tab_ability_map
+    {
      environments: :read_environment,
      milestones:   :read_milestone,
      pipelines:    :read_pipeline,
@@ -216,14 +232,15 @@ module ProjectsHelper
      team:         :read_project_member,
      wiki:         :read_wiki
    }
+  end

-    tab_ability_map.each do |tab, ability|
-      if can?(current_user, ability, project)
-        nav_tabs << tab
-      end
-    end
-
-    nav_tabs.flatten
+  def search_tab_ability_map
+    @search_tab_ability_map ||= tab_ability_map.merge(
+      blobs:          :download_code,
+      commits:        :download_code,
+      merge_requests: :read_merge_request,
+      notes:          [:read_merge_request, :download_code, :read_issue, :read_project_snippet]
+    )
  end

  def project_lfs_status(project)

--- a/app/services/search_service.rb
+++ b/app/services/search_service.rb
@@ -12,7 +12,7 @@ class SearchService
    @project =
      if params[:project_id].present?
        the_project = Project.find_by(id: params[:project_id])
-        can?(current_user, :download_code, the_project) ? the_project : nil
+        can?(current_user, :read_project, the_project) ? the_project : nil
      else
        nil
      end

--- a/app/views/search/_category.html.haml
+++ b/app/views/search/_category.html.haml
@@ -3,41 +3,48 @@
  .fade-right= icon('angle-right')
  %ul.nav-links.search-filter.scrolling-tabs
    - if @project
-      %li{ class: active_when(@scope == 'blobs') }
-        = link_to search_filter_path(scope: 'blobs') do
-          Code
-          %span.badge
-            = @search_results.blobs_count
-      %li{ class: active_when(@scope == 'issues') }
-        = link_to search_filter_path(scope: 'issues') do
-          Issues
-          %span.badge
-            = @search_results.issues_count
-      %li{ class: active_when(@scope == 'merge_requests') }
-        = link_to search_filter_path(scope: 'merge_requests') do
-          Merge requests
-          %span.badge
-            = @search_results.merge_requests_count
-      %li{ class: active_when(@scope == 'milestones') }
-        = link_to search_filter_path(scope: 'milestones') do
-          Milestones
-          %span.badge
-            = @search_results.milestones_count
-      %li{ class: active_when(@scope == 'notes') }
-        = link_to search_filter_path(scope: 'notes') do
-          Comments
-          %span.badge
-            = @search_results.notes_count
-      %li{ class: active_when(@scope == 'wiki_blobs') }
-        = link_to search_filter_path(scope: 'wiki_blobs') do
-          Wiki
-          %span.badge
-            = @search_results.wiki_blobs_count
-      %li{ class: active_when(@scope == 'commits') }
-        = link_to search_filter_path(scope: 'commits') do
-          Commits
-          %span.badge
-            = @search_results.commits_count
+      - if project_search_tabs?(:blobs)
+        %li{ class: active_when(@scope == 'blobs') }
+          = link_to search_filter_path(scope: 'blobs') do
+            Code
+            %span.badge
+              = @search_results.blobs_count
+      - if project_search_tabs?(:issues)
+        %li{ class: active_when(@scope == 'issues') }
+          = link_to search_filter_path(scope: 'issues') do
+            Issues
+            %span.badge
+              = @search_results.issues_count
+      - if project_search_tabs?(:merge_requests)
+        %li{ class: active_when(@scope == 'merge_requests') }
+          = link_to search_filter_path(scope: 'merge_requests') do
+            Merge requests
+            %span.badge
+              = @search_results.merge_requests_count
+      - if project_search_tabs?(:milestones)
+        %li{ class: active_when(@scope == 'milestones') }
+          = link_to search_filter_path(scope: 'milestones') do
+            Milestones
+            %span.badge
+              = @search_results.milestones_count
+      - if project_search_tabs?(:notes)
+        %li{ class: active_when(@scope == 'notes') }
+          = link_to search_filter_path(scope: 'notes') do
+            Comments
+            %span.badge
+              = @search_results.notes_count
+      - if project_search_tabs?(:wiki)
+        %li{ class: active_when(@scope == 'wiki_blobs') }
+          = link_to search_filter_path(scope: 'wiki_blobs') do
+            Wiki
+            %span.badge
+              = @search_results.wiki_blobs_count
+      - if project_search_tabs?(:commits)
+        %li{ class: active_when(@scope == 'commits') }
+          = link_to search_filter_path(scope: 'commits') do
+            Commits
+            %span.badge
+              = @search_results.commits_count

    - elsif @show_snippets
      %li{ class: active_when(@scope == 'snippet_blobs') }

--- a/changelogs/unreleased/30917-wiki-is-not-searchable-with-guest-permissions.yml
+++ b/changelogs/unreleased/30917-wiki-is-not-searchable-with-guest-permissions.yml
+---
+title: 'Fix: Wiki is not searchable with Guest permissions'
+merge_request:
+author:
--- a/spec/lib/gitlab/project_search_results_spec.rb
+++ b/spec/lib/gitlab/project_search_results_spec.rb
@@ -123,8 +123,8 @@ describe Gitlab::ProjectSearchResults, lib: true do
    context 'when wiki is internal' do
      let(:project) { create(:project, :public, :wiki_private) }

-      it 'finds wiki blobs for members' do
-        project.add_reporter(user)
+      it 'finds wiki blobs for guest' do
+        project.add_guest(user)

        is_expected.not_to be_empty
      end

--- a/spec/services/search_service_spec.rb
+++ b/spec/services/search_service_spec.rb
@@ -26,6 +26,15 @@ describe SearchService, services: true do

        expect(project).to eq accessible_project
      end
+
+      it 'returns the project for guests' do
+        search_project = create :empty_project
+        search_project.add_guest(user)
+
+        project = SearchService.new(user, project_id: search_project.id).project
+
+        expect(project).to eq search_project
+      end
    end

    context 'when the project is not accessible' do