webhook: don't forbid users to see the webhooks on their personal nam…

…espace Fixes #980 Signed-off-by: Miquel Sabaté Solà <msabate@suse.com>
SUSE · Jul 18, 2016 · 4a4a67c · 4a4a67c
1 parent 63971b4
commit 4a4a67c
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 4 deletions.
diff --git a/app/policies/webhook_policy.rb b/app/policies/webhook_policy.rb
@@ -43,11 +43,10 @@ def resolve
                      .joins(team: [:team_users])
                      .where(
                        "(namespaces.visibility = :public OR namespaces.visibility = :protected OR "\
-                       "team_users.user_id = :user_id) AND " \
-                       "namespaces.global = :global AND namespaces.name != :username",
+                       "team_users.user_id = :user_id) AND namespaces.global = :global",
             public: Namespace.visibilities[:visibility_public],
             protected: Namespace.visibilities[:visibility_protected], user_id: user.id,
-            global: false, username: user.username
+            global: false
                      )
                      .pluck(:id)
 

diff --git a/spec/policies/webhook_policy_spec.rb b/spec/policies/webhook_policy_spec.rb
@@ -75,8 +75,10 @@
       expect(Pundit.policy_scope(viewer, Webhook).to_a).to match_array(expected)
     end
 
-    it "does not show webhooks to user" do
+    it "does show webhooks to user when appropiate" do
       expect(Pundit.policy_scope(user, Webhook).to_a).to be_empty
+      create(:webhook, namespace: user.namespace)
+      expect(Pundit.policy_scope(user, Webhook).to_a).to_not be_empty
     end
   end
 end