Skip authorization check when searching for labels on IssuableFinder

parent bc7895ff
...@@ -126,7 +126,7 @@ class IssuableFinder ...@@ -126,7 +126,7 @@ class IssuableFinder
@labels = @labels =
if labels? && !filter_by_no_label? if labels? && !filter_by_no_label?
LabelsFinder.new(current_user, project_ids: projects, title: label_names).execute LabelsFinder.new(current_user, project_ids: projects, title: label_names).execute(skip_authorization: true)
else else
Label.none Label.none
end end
...@@ -273,7 +273,7 @@ class IssuableFinder ...@@ -273,7 +273,7 @@ class IssuableFinder
items = items.with_label(label_names, params[:sort]) items = items.with_label(label_names, params[:sort])
if projects if projects
label_ids = LabelsFinder.new(current_user, project_ids: projects).execute.select(:id) label_ids = LabelsFinder.new(current_user, project_ids: projects).execute(skip_authorization: true).select(:id)
items = items.where(labels: { id: label_ids }) items = items.where(labels: { id: label_ids })
end end
end end
......
...@@ -22,7 +22,7 @@ class LabelsFinder < UnionFinder ...@@ -22,7 +22,7 @@ class LabelsFinder < UnionFinder
label_ids << project.group.labels if project.group.present? label_ids << project.group.labels if project.group.present?
label_ids << project.labels label_ids << project.labels
else else
label_ids << Label.where(group_id: projects.group_ids.uniq) label_ids << Label.where(group_id: projects.group_ids)
label_ids << Label.where(project_id: projects.select(:id)) label_ids << Label.where(project_id: projects.select(:id))
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment