Fix searching notes and snippets as an auditor

395aacef · Nick Thomas · 3fa4d8ab · 395aacef · 395aacef · 395aacef
Commit 395aacef authored Apr 19, 2017 by Nick Thomas
6 changed files
--- a/app/models/concerns/elastic/notes_search.rb
+++ b/app/models/concerns/elastic/notes_search.rb
@@ -72,7 +72,7 @@ module Elastic
      end

      def self.confidentiality_filter(query_hash, current_user)
-        return query_hash if current_user && current_user.admin?
+        return query_hash if current_user && current_user.admin_or_auditor?

        filter = {
          bool: {

--- a/app/models/concerns/elastic/snippets_search.rb
+++ b/app/models/concerns/elastic/snippets_search.rb
@@ -73,7 +73,7 @@ module Elastic
      end

      def self.filter(query_hash, user)
-        return query_hash if user && user.admin?
+        return query_hash if user && user.admin_or_auditor?

        filter = if user
                   {

--- a/changelogs/unreleased-ee/2206-fix-note-and-snippet-search-as-auditor.yml
+++ b/changelogs/unreleased-ee/2206-fix-note-and-snippet-search-as-auditor.yml
+---
+title: Fix searching notes and snippets as an auditor
+merge_request: 1674
+author:
--- a/spec/factories/users.rb
+++ b/spec/factories/users.rb
@@ -66,6 +66,7 @@ FactoryGirl.define do
    end

    factory :admin, traits: [:admin]
+    factory :auditor, traits: [:auditor]
    factory :external_user, traits: [:external]
  end
 end
--- a/spec/models/concerns/elastic/note_spec.rb
+++ b/spec/models/concerns/elastic/note_spec.rb
@@ -101,6 +101,22 @@ describe Note, elastic: true do
      expect(Note.elastic_search('term', options: options).total_count).to eq(1)
    end

+    [:admin, :auditor].each do |user_type|
+      it "finds note for #{user_type}" do
+        superuser = create(user_type)
+        issue = create(:issue, :confidential, author: create(:user))
+
+        Sidekiq::Testing.inline! do
+          create_notes_for(issue, 'bla-bla term')
+          Gitlab::Elastic::Helper.refresh_index
+        end
+
+        options = { project_ids: [issue.project.id], current_user: superuser }
+
+        expect(Note.elastic_search('term', options: options).total_count).to eq(1)
+      end
+    end
+
    it "return notes with matching content for project members" do
      user = create :user
      issue = create :issue, :confidential, author: user

--- a/spec/models/concerns/elastic/snippet_spec.rb
+++ b/spec/models/concerns/elastic/snippet_spec.rb
@@ -60,13 +60,15 @@ describe Snippet, elastic: true do
      expect(result.records).to match_array [public_snippet, internal_snippet, private_snippet]
    end

-    it 'returns all snippets for admins' do
-      admin = create(:admin)
+    [:admin, :auditor].each do |user_type|
+      it "returns all snippets for #{user_type}" do
+        superuser = create(user_type)

-      result = described_class.elastic_search_code('password', options: { user: admin })
+        result = described_class.elastic_search_code('password', options: { user: superuser })

-      expect(result.total_count).to eq(6)
-      expect(result.records).to match_array [public_snippet, internal_snippet, private_snippet, project_public_snippet, project_internal_snippet, project_private_snippet]
+        expect(result.total_count).to eq(6)
+        expect(result.records).to match_array [public_snippet, internal_snippet, private_snippet, project_public_snippet, project_internal_snippet, project_private_snippet]
+      end
    end
  end