Always allow references to the current project

72afcbcd · Douwe Maan · f42cfa9e · 72afcbcd · 72afcbcd · 72afcbcd
Commit 72afcbcd authored 9 years ago by Douwe Maan
--- a/app/models/concerns/mentionable.rb
+++ b/app/models/concerns/mentionable.rb
@@ -61,7 +61,6 @@ module Mentionable
    ext = Gitlab::ReferenceExtractor.new(p, current_user)
    ext.analyze(text)
    (ext.issues + ext.merge_requests + ext.commits).uniq - [local_reference]
  end

--- a/lib/gitlab/markdown/redactor_filter.rb
+++ b/lib/gitlab/markdown/redactor_filter.rb
@@ -26,7 +26,7 @@ module Gitlab
          reference_type = node.attr('data-reference-filter')
          reference_filter = reference_type.constantize
-          reference_filter.user_can_reference?(current_user, node)
+          reference_filter.user_can_reference?(current_user, node, context)
        else
          true
        end

--- a/lib/gitlab/markdown/reference_filter.rb
+++ b/lib/gitlab/markdown/reference_filter.rb
@@ -15,9 +15,12 @@ module Gitlab
    # Results:
    #   :references - A Hash of references that were found and replaced.
    class ReferenceFilter < HTML::Pipeline::Filter
-      def self.user_can_reference?(user, node)
+      def self.user_can_reference?(user, node, context)
        if node.has_attribute?('data-project')
-          project = Project.find(node.attr('data-project')) rescue nil
+          project_id = node.attr('data-project').to_i
+          return true if project_id == context[:project].id
+          project = Project.find(project_id) rescue nil
          Ability.abilities.allowed?(user, :read_project, project)
        else
          true

--- a/lib/gitlab/markdown/reference_gatherer_filter.rb
+++ b/lib/gitlab/markdown/reference_gatherer_filter.rb
@@ -31,7 +31,7 @@ module Gitlab
        reference_type = node.attr('data-reference-filter')
        reference_filter = reference_type.constantize
-        return unless reference_filter.user_can_reference?(current_user, node)
+        return unless reference_filter.user_can_reference?(current_user, node, context)
        references = reference_filter.referenced_by(node)
        return unless references

--- a/lib/gitlab/markdown/user_reference_filter.rb
+++ b/lib/gitlab/markdown/user_reference_filter.rb
@@ -42,7 +42,7 @@ module Gitlab
        end
      end
-      def self.user_can_reference?(user, node)
+      def self.user_can_reference?(user, node, context)
        if node.has_attribute?('data-group')
          group = Group.find(node.attr('data-group')) rescue nil
          Ability.abilities.allowed?(user, :read_group, group)

--- a/spec/lib/gitlab/reference_extractor_spec.rb
+++ b/spec/lib/gitlab/reference_extractor_spec.rb
@@ -2,7 +2,7 @@ require 'spec_helper'
 describe Gitlab::ReferenceExtractor do
  let(:project) { create(:project) }
-  subject { Gitlab::ReferenceExtractor.new(project, project.owner) }
+  subject { Gitlab::ReferenceExtractor.new(project, project.creator) }
  it 'accesses valid user objects' do
    @u_foo = create(:user, username: 'foo')
@@ -102,7 +102,7 @@ describe Gitlab::ReferenceExtractor do
    let(:issue) { create(:issue, project: other_project) }
    before do
-      other_project.team << [project.owner, :developer]
+      other_project.team << [project.creator, :developer]
    end
    it 'handles project issue references' do

--- a/spec/support/mentionable_shared_examples.rb
+++ b/spec/support/mentionable_shared_examples.rb
@@ -50,6 +50,8 @@ def common_mentionable_setup
    }
    extra_commits.each { |c| commitmap[c.short_id] = c }
+    allow(Project).to receive(:find).and_call_original
+    allow(Project).to receive(:find).with(project.id.to_s).and_return(project)
    allow(project.repository).to receive(:commit) { |sha| commitmap[sha] }
    set_mentionable_text.call(ref_string)