Commit cc6d315c authored by Sean McGivern's avatar Sean McGivern

Merge branch '2206-fix-note-and-snippet-search-as-auditor' into 'master'

Fix searching notes and snippets as an auditor

Closes #2206

See merge request !1674
parents c35cdd69 395aacef
......@@ -72,7 +72,7 @@ module Elastic
end
def self.confidentiality_filter(query_hash, current_user)
return query_hash if current_user && current_user.admin?
return query_hash if current_user && current_user.admin_or_auditor?
filter = {
bool: {
......
......@@ -73,7 +73,7 @@ module Elastic
end
def self.filter(query_hash, user)
return query_hash if user && user.admin?
return query_hash if user && user.admin_or_auditor?
filter = if user
{
......
---
title: Fix searching notes and snippets as an auditor
merge_request: 1674
author:
......@@ -66,6 +66,7 @@ FactoryGirl.define do
end
factory :admin, traits: [:admin]
factory :auditor, traits: [:auditor]
factory :external_user, traits: [:external]
end
end
......@@ -101,6 +101,22 @@ describe Note, elastic: true do
expect(Note.elastic_search('term', options: options).total_count).to eq(1)
end
[:admin, :auditor].each do |user_type|
it "finds note for #{user_type}" do
superuser = create(user_type)
issue = create(:issue, :confidential, author: create(:user))
Sidekiq::Testing.inline! do
create_notes_for(issue, 'bla-bla term')
Gitlab::Elastic::Helper.refresh_index
end
options = { project_ids: [issue.project.id], current_user: superuser }
expect(Note.elastic_search('term', options: options).total_count).to eq(1)
end
end
it "return notes with matching content for project members" do
user = create :user
issue = create :issue, :confidential, author: user
......
......@@ -60,13 +60,15 @@ describe Snippet, elastic: true do
expect(result.records).to match_array [public_snippet, internal_snippet, private_snippet]
end
it 'returns all snippets for admins' do
admin = create(:admin)
[:admin, :auditor].each do |user_type|
it "returns all snippets for #{user_type}" do
superuser = create(user_type)
result = described_class.elastic_search_code('password', options: { user: admin })
result = described_class.elastic_search_code('password', options: { user: superuser })
expect(result.total_count).to eq(6)
expect(result.records).to match_array [public_snippet, internal_snippet, private_snippet, project_public_snippet, project_internal_snippet, project_private_snippet]
expect(result.total_count).to eq(6)
expect(result.records).to match_array [public_snippet, internal_snippet, private_snippet, project_public_snippet, project_internal_snippet, project_private_snippet]
end
end
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment