Commit 24fc7c87 authored by Rémy Coutable's avatar Rémy Coutable 🏔

Merge branch...

Merge branch '19650-remove-admin-section-from-search-results-if-user-doesnt-have-access' into 'master'

Hide admin link from default search results for non-admins

Closes #19650

See merge request !14015
parents 1632ffa6 ed43c6f1
Pipeline #11493612 failed with stages
in 82 minutes and 16 seconds
......@@ -10,6 +10,7 @@ module SearchHelper
search_pattern = Regexp.new(Regexp.escape(term), "i")
generic_results = project_autocomplete + default_autocomplete + help_autocomplete
generic_results.concat(default_autocomplete_admin) if current_user.admin?
generic_results.select! { |result| result[:label] =~ search_pattern }
[
......@@ -41,8 +42,14 @@ module SearchHelper
[
{ category: "Settings", label: "User settings", url: profile_path },
{ category: "Settings", label: "SSH Keys", url: profile_keys_path },
{ category: "Settings", label: "Dashboard", url: root_path },
{ category: "Settings", label: "Admin Section", url: admin_root_path }
{ category: "Settings", label: "Dashboard", url: root_path }
]
end
# Autocomplete results for settings pages, for admins
def default_autocomplete_admin
[
{ category: "Settings", label: "Admin Section", url: admin_root_path }
]
end
......
---
title: Hide admin link from default search results for non-admins
merge_request: 14015
author:
type: fixed
......@@ -17,7 +17,7 @@ describe SearchHelper do
end
end
context "with a user" do
context "with a standard user" do
let(:user) { create(:user) }
before do
......@@ -29,7 +29,11 @@ describe SearchHelper do
end
it "includes default sections" do
expect(search_autocomplete_opts("adm").size).to eq(1)
expect(search_autocomplete_opts("dash").size).to eq(1)
end
it "does not include admin sections" do
expect(search_autocomplete_opts("admin").size).to eq(0)
end
it "does not allow regular expression in search term" do
......@@ -67,6 +71,18 @@ describe SearchHelper do
end
end
end
context 'with an admin user' do
let(:admin) { create(:admin) }
before do
allow(self).to receive(:current_user).and_return(admin)
end
it "includes admin sections" do
expect(search_autocomplete_opts("admin").size).to eq(1)
end
end
end
describe 'search_filter_input_options' do
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment