From 17bac49154a399d34e7b884551d2fb78dff3cea3 Mon Sep 17 00:00:00 2001
From: Robert Speicher <rspeicher@gmail.com>
Date: Tue, 19 Jul 2016 13:19:04 -0600
Subject: [PATCH] Ensure Owners are included in the scope for
 authorized_projects

Prior, when providing a `min_access_level` parameter to this method, we
called `Gitlab::Access.values` instead of `all_values`, mistakenly
omitting the `OWNER` level.

Fixes https://gitlab.com/gitlab-org/gitlab-ce/issues/19878
---
 app/models/user.rb       |  2 +-
 spec/models/user_spec.rb | 23 ++++++++++++++++-------
 2 files changed, 17 insertions(+), 8 deletions(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index 3d0a033785c..975e935fa20 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -854,7 +854,7 @@ class User < ActiveRecord::Base
                  groups.joins(:shared_projects).select(:project_id)]
 
     if min_access_level
-      scope = { access_level: Gitlab::Access.values.select { |access| access >= min_access_level } }
+      scope = { access_level: Gitlab::Access.all_values.select { |access| access >= min_access_level } }
       relations = [relations.shift] + relations.map { |relation| relation.where(members: scope) }
     end
 
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index fc74488ac0e..3bf82cf2668 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -887,16 +887,25 @@ describe User, models: true do
   end
 
   describe '#authorized_projects' do
-    let!(:user) { create(:user) }
-    let!(:private_project) { create(:project, :private) }
+    context 'with a minimum access level' do
+      it 'includes projects for which the user is an owner' do
+        user = create(:user)
+        project = create(:empty_project, :private, namespace: user.namespace)
 
-    before do
-      private_project.team << [user, Gitlab::Access::MASTER]
-    end
+        expect(user.authorized_projects(Gitlab::Access::REPORTER))
+          .to contain_exactly(project)
+      end
 
-    subject { user.authorized_projects }
+      it 'includes projects for which the user is a master' do
+        user = create(:user)
+        project = create(:empty_project, :private)
+
+        project.team << [user, Gitlab::Access::MASTER]
 
-    it { is_expected.to eq([private_project]) }
+        expect(user.authorized_projects(Gitlab::Access::REPORTER))
+          .to contain_exactly(project)
+      end
+    end
   end
 
   describe '#ci_authorized_runners' do
-- 
GitLab