Commit 7f97a127 authored by Valery Sizov's avatar Valery Sizov

internal snippets: fix exposing of title

parent 9712fbcd
v 7.4.2
- Fix internal snippet exposing for unauthenticated users
v 7.4.1
- Fix LDAP authentication for Git HTTP access
- Fix LDAP config lookup for provider 'ldap'
- Fix public snippets
- Fix 500 error on projects with nested submodules
v 7.4.0
- Refactored membership logic
......
......@@ -29,6 +29,8 @@ class SnippetsFinder
def by_user(current_user, user, scope)
snippets = user.snippets.fresh.non_expired
return snippets.are_public unless current_user
if user == current_user
case scope
when 'are_internal' then
......
......@@ -64,6 +64,13 @@ describe SnippetsFinder do
snippets = SnippetsFinder.new.execute(user, filter: :by_user, user: user)
snippets.should include(@snippet1, @snippet2, @snippet3)
end
it "returns only public snippets if unauthenticated user" do
snippets = SnippetsFinder.new.execute(nil, filter: :by_user, user: user)
snippets.should include(@snippet3)
snippets.should_not include(@snippet2, @snippet1)
end
end
context 'by_project filter' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment