Automatic merge of gitlab-org/gitlab-ce master

60d0ce8a · GitLab Bot · 2f7ee20d · 535410a9 · 60d0ce8a · 60d0ce8a
Commit 60d0ce8a authored Mar 13, 2019 by GitLab Bot
7 changed files
--- a/app/assets/javascripts/emoji/index.js
+++ b/app/assets/javascripts/emoji/index.js
@@ -33,10 +33,7 @@ export function initEmojiMap() {
      }

      axiosInstance
-        .get(
-          `${gon.asset_host || ''}${gon.relative_url_root ||
-            ''}/-/emojis/${EMOJI_VERSION}/emojis.json`,
-        )
+        .get(`${gon.relative_url_root || ''}/-/emojis/${EMOJI_VERSION}/emojis.json`)
        .then(({ data }) => {
          emojiMap = data;
          validEmojiNames = [...Object.keys(emojiMap), ...Object.keys(emojiAliases)];

--- a/app/policies/group_policy.rb
+++ b/app/policies/group_policy.rb
@@ -26,7 +26,7 @@ class GroupPolicy < BasePolicy
  condition(:can_change_parent_share_with_group_lock) { can?(:change_share_with_group_lock, @subject.parent) }

  condition(:has_projects) do
-    GroupProjectsFinder.new(group: @subject, current_user: @user, options: { include_subgroups: true }).execute.any?
+    GroupProjectsFinder.new(group: @subject, current_user: @user, options: { include_subgroups: true, only_owned: true }).execute.any?
  end

  condition(:has_clusters, scope: :subject) { clusterable_has_clusters? }
@@ -55,6 +55,7 @@ class GroupPolicy < BasePolicy
  rule { has_projects }.policy do
    enable :read_list
    enable :read_label
+    enable :read_group
  end

  rule { has_access }.enable :read_namespace

--- a/changelogs/unreleased/modify_group_policy.yml
+++ b/changelogs/unreleased/modify_group_policy.yml
+---
+title: Allow project members to see private group if the project is in the group namespace
+merge_request:
+author:
+type: fixed
--- a/changelogs/unreleased/sh-fix-blank-codeowners-ce.yml
+++ b/changelogs/unreleased/sh-fix-blank-codeowners-ce.yml
+---
+title: Fix 500 error caused by CODEOWNERS with no matches
+merge_request: 26072
+author:
+type: fixed
--- a/lib/gitlab/user_extractor.rb
+++ b/lib/gitlab/user_extractor.rb
@@ -16,6 +16,7 @@ module Gitlab

    def users
      return User.none unless @text.present?
+      return User.none if references.empty?

      @users ||= User.from_union(union_relations)
    end

--- a/spec/features/security/group/private_access_spec.rb
+++ b/spec/features/security/group/private_access_spec.rb
@@ -28,7 +28,7 @@ describe 'Private Group access' do
    it { is_expected.to be_allowed_for(:developer).of(group) }
    it { is_expected.to be_allowed_for(:reporter).of(group) }
    it { is_expected.to be_allowed_for(:guest).of(group) }
-    it { is_expected.to be_denied_for(project_guest) }
+    it { is_expected.to be_allowed_for(project_guest) }
    it { is_expected.to be_denied_for(:user) }
    it { is_expected.to be_denied_for(:external) }
    it { is_expected.to be_denied_for(:visitor) }
@@ -44,7 +44,7 @@ describe 'Private Group access' do
    it { is_expected.to be_allowed_for(:developer).of(group) }
    it { is_expected.to be_allowed_for(:reporter).of(group) }
    it { is_expected.to be_allowed_for(:guest).of(group) }
-    it { is_expected.to be_denied_for(project_guest) }
+    it { is_expected.to be_allowed_for(project_guest) }
    it { is_expected.to be_denied_for(:user) }
    it { is_expected.to be_denied_for(:external) }
    it { is_expected.to be_denied_for(:visitor) }
@@ -61,7 +61,7 @@ describe 'Private Group access' do
    it { is_expected.to be_allowed_for(:developer).of(group) }
    it { is_expected.to be_allowed_for(:reporter).of(group) }
    it { is_expected.to be_allowed_for(:guest).of(group) }
-    it { is_expected.to be_denied_for(project_guest) }
+    it { is_expected.to be_allowed_for(project_guest) }
    it { is_expected.to be_denied_for(:user) }
    it { is_expected.to be_denied_for(:external) }
    it { is_expected.to be_denied_for(:visitor) }
@@ -77,7 +77,7 @@ describe 'Private Group access' do
    it { is_expected.to be_allowed_for(:developer).of(group) }
    it { is_expected.to be_allowed_for(:reporter).of(group) }
    it { is_expected.to be_allowed_for(:guest).of(group) }
-    it { is_expected.to be_denied_for(project_guest) }
+    it { is_expected.to be_allowed_for(project_guest) }
    it { is_expected.to be_denied_for(:user) }
    it { is_expected.to be_denied_for(:external) }
    it { is_expected.to be_denied_for(:visitor) }
@@ -101,6 +101,7 @@ describe 'Private Group access' do

  describe 'GET /groups/:path for shared projects' do
    let(:project) { create(:project, :public) }
+
    before do
      Projects::GroupLinks::CreateService.new(
        project,

--- a/spec/lib/gitlab/user_extractor_spec.rb
+++ b/spec/lib/gitlab/user_extractor_spec.rb
@@ -60,6 +60,14 @@ describe Gitlab::UserExtractor do
    it 'includes all mentioned usernames' do
      expect(extractor.matches[:usernames]).to contain_exactly('user-1', 'user-2', 'user-4')
    end
+
+    context 'input has no matching e-mail or usernames' do
+      it 'returns an empty list of users' do
+        extractor = described_class.new('My test')
+
+        expect(extractor.users).to be_empty
+      end
+    end
  end

  describe '#references' do