Merge branch '340716-show-flash-message-when-search-disabled' into 'master'

Show alert when search is disabled See merge request gitlab-org/gitlab!70249

Merge branch '340716-show-flash-message-when-search-disabled' into 'master'
Show alert when search is disabled See merge request gitlab-org/gitlab!70249
a55abcbd · David Kim · 4c795c12 · 7ba64b8c · a55abcbd · a55abcbd
Commit a55abcbd authored Sep 14, 2021 by David Kim
7 changed files
--- a/app/controllers/concerns/issuable_collections.rb
+++ b/app/controllers/concerns/issuable_collections.rb
@@ -13,8 +13,16 @@ module IssuableCollections
  private
+  def show_alert_if_search_is_disabled
+    return if current_user || params[:search].blank? || !html_request? || Feature.disabled?(:disable_anonymous_search, type: :ops)
+    flash[:notice] = _('You must sign in to search for specific terms.')
+  end
  # rubocop:disable Gitlab/ModuleWithInstanceVariables
  def set_issuables_index
+    show_alert_if_search_is_disabled
    @issuables = issuables_collection
    unless pagination_disabled?

--- a/app/controllers/concerns/issuable_collections_action.rb
+++ b/app/controllers/concerns/issuable_collections_action.rb
@@ -7,6 +7,8 @@ module IssuableCollectionsAction
  # rubocop:disable Gitlab/ModuleWithInstanceVariables
  def issues
+    show_alert_if_search_is_disabled
    @issues = issuables_collection
              .non_archived
              .page(params[:page])
@@ -20,6 +22,8 @@ module IssuableCollectionsAction
  end
  def merge_requests
+    show_alert_if_search_is_disabled
    @merge_requests = issuables_collection.page(params[:page])
    @issuable_meta_data = Gitlab::IssuableMetadata.new(current_user, @merge_requests).data

--- a/ee/spec/controllers/groups/epics_controller_spec.rb
+++ b/ee/spec/controllers/groups/epics_controller_spec.rb
@@ -97,6 +97,15 @@ RSpec.describe Groups::EpicsController do
            expect(response).to have_gitlab_http_status(:ok)
          end
        end
+        it_behaves_like 'issuable list with anonymous search disabled' do
+          let(:params) { { group_id: group } }
+          before do
+            sign_out(user)
+            group.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
+          end
+        end
      end
      context 'with page param' do

--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -38695,6 +38695,9 @@ msgstr ""
 msgid "You must provide your current password in order to change it."
 msgstr ""
+msgid "You must sign in to search for specific terms."
+msgstr ""
 msgid "You must solve the CAPTCHA in order to submit"
 msgstr ""

--- a/spec/controllers/projects/issues_controller_spec.rb
+++ b/spec/controllers/projects/issues_controller_spec.rb
@@ -109,6 +109,14 @@ RSpec.describe Projects::IssuesController do
      end
    end
+    it_behaves_like 'issuable list with anonymous search disabled' do
+      let(:params) { { namespace_id: project.namespace, project_id: project } }
+      before do
+        project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
+      end
+    end
    it_behaves_like 'paginated collection' do
      let!(:issue_list) { create_list(:issue, 2, project: project) }
      let(:collection) { project.issues }

--- a/spec/controllers/projects/merge_requests_controller_spec.rb
+++ b/spec/controllers/projects/merge_requests_controller_spec.rb
@@ -349,6 +349,15 @@ RSpec.describe Projects::MergeRequestsController do
        end
      end
    end
+    it_behaves_like 'issuable list with anonymous search disabled' do
+      let(:params) { { namespace_id: project.namespace, project_id: project } }
+      before do
+        sign_out(user)
+        project.update!(visibility_level: Gitlab::VisibilityLevel::PUBLIC)
+      end
+    end
  end
  describe 'PUT update' do

--- a/spec/support/shared_examples/controllers/issuable_anonymous_search_disabled_examples.rb
+++ b/spec/support/shared_examples/controllers/issuable_anonymous_search_disabled_examples.rb
+# frozen_string_literal: true
+RSpec.shared_examples 'issuable list with anonymous search disabled' do |action|
+  let(:controller_action) { :index }
+  let(:params_with_search) { params.merge(search: 'some search term') }
+  context 'when disable_anonymous_search is enabled' do
+    before do
+      stub_feature_flags(disable_anonymous_search: true)
+    end
+    it 'shows a flash message' do
+      get controller_action, params: params_with_search
+      expect(flash[:notice]).to eq('You must sign in to search for specific terms.')
+    end
+    context 'when search param is not given' do
+      it 'does not show a flash message' do
+        get controller_action, params: params
+        expect(flash[:notice]).to be_nil
+      end
+    end
+    context 'when user is signed-in' do
+      it 'does not show a flash message' do
+        sign_in(create(:user))
+        get controller_action, params: params_with_search
+        expect(flash[:notice]).to be_nil
+      end
+    end
+    context 'when format is not HTML' do
+      it 'does not show a flash message' do
+        get controller_action, params: params_with_search.merge(format: :atom)
+        expect(flash[:notice]).to be_nil
+      end
+    end
+  end
+  context 'when disable_anonymous_search is disabled' do
+    before do
+      stub_feature_flags(disable_anonymous_search: false)
+    end
+    it 'does not show a flash message' do
+      get controller_action, params: params_with_search
+      expect(flash[:notice]).to be_nil
+    end
+  end
+end