Show projects that are not private and are shared with the group.

dbeca1c6 · Marin Jankovski · 7567614d · dbeca1c6 · dbeca1c6
Commit dbeca1c6 authored Aug 19, 2014 by Marin Jankovski
Hide whitespace changes
Inline Side-by-side

Showing with 35 additions and 7 deletions

app/finders/projects_finder.rb app/finders/projects_finder.rb +16 -7

spec/finders/projects_finder_spec.rb spec/finders/projects_finder_spec.rb +19 -0

No files found.
--- a/app/finders/projects_finder.rb
+++ b/app/finders/projects_finder.rb
@@ -32,20 +32,29 @@ class ProjectsFinder
          #   internal projects
          #   joined projects
          #
-          group.projects.where(
-            "projects.id IN (?) OR projects.visibility_level IN (?)",
-            projects_members.pluck(:project_id),
-            Project.public_and_internal_levels
-          )
+          projects_ids = projects_members.pluck(:project_id)
        else
          # User has no access to group or group projects
+          # or has access through shared project
          #
          # Return only:
          #   public projects
          #   internal projects
-          #
-          group.projects.public_and_internal_only
+          #   shared projects
+
+          projects_ids = []
+          ProjectGroupLink.where(project_id: group.projects).each do |shared_project|
+            if shared_project.group.users.include?(current_user) || shared_project.project.users.include?(current_user)
+              projects_ids << shared_project.project.id
+            end
+          end
        end
+
+        group.projects.where(
+          "projects.id IN (?) OR projects.visibility_level IN (?)",
+          projects_ids,
+          Project.public_and_internal_levels
+        )
      end
    else
      # Not authenticated

--- a/spec/finders/projects_finder_spec.rb
+++ b/spec/finders/projects_finder_spec.rb
@@ -3,11 +3,16 @@ require 'spec_helper'
 describe ProjectsFinder do
  let(:user) { create :user }
  let(:group) { create :group }
+  let(:group2) { create :group }

  let(:project1) { create(:empty_project, :public,   group: group) }
  let(:project2) { create(:empty_project, :internal, group: group) }
  let(:project3) { create(:empty_project, :private,  group: group) }
  let(:project4) { create(:empty_project, :private,  group: group) }
+  let(:project5) { create(:empty_project, :private,  group: group2) }
+  let(:project6) { create(:empty_project, :internal,  group: group2) }
+  let(:project7) { create(:empty_project, :public,  group: group2) }
+  let(:project8) { create(:empty_project, :private,  group: group2) }

  context 'non authenticated' do
    subject { ProjectsFinder.new.execute(nil, group: group) }
@@ -48,4 +53,18 @@ describe ProjectsFinder do
    it { should include(project3) }
    it { should include(project4) }
  end
+
+  context 'authenticated, group memeber with project shared with group' do
+    before {
+      group.add_user(user, Gitlab::Access::DEVELOPER)
+      project5.project_group_links.create group_access: Gitlab::Access::MASTER, group: group
+    }
+
+    subject { ProjectsFinder.new.execute(user, group: group2) }
+
+    it { should include(project5) }
+    it { should include(project6) }
+    it { should include(project7) }
+    it { should_not include(project8) }
+  end
 end