diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb index d4dc75a523d03f83991d8ad345b23251848df5ec..65a8869cc0de142cdbbc95c258c18342ef717b4f 100644 --- a/app/controllers/search_controller.rb +++ b/app/controllers/search_controller.rb @@ -145,7 +145,7 @@ def authenticate? return true end - return true if ::Feature.disabled?(:allow_anonymous_searches, type: :ops) + return true unless ::Gitlab::CurrentSettings.anonymous_searches_allowed? false end diff --git a/app/helpers/application_settings_helper.rb b/app/helpers/application_settings_helper.rb index 8a8860b3fe2339d537a6ac3486e08f950aaed21f..774bddf5f21ee0a9b2a0d206dd0b3579d5236877 100644 --- a/app/helpers/application_settings_helper.rb +++ b/app/helpers/application_settings_helper.rb @@ -74,9 +74,16 @@ def enabled_protocol_button(container, protocol) def global_search_settings_checkboxes(form) [ + form.gitlab_ui_checkbox_component( + :anonymous_searches_allowed, + _("Allow unauthenticated users to use search"), + checkbox_options: { + checked: @application_setting.anonymous_searches_allowed, multiple: false + } + ), form.gitlab_ui_checkbox_component( :global_search_block_anonymous_searches_enabled, - _("Restrict global search to authenticated users"), + _("Restrict global search to authenticated users only"), checkbox_options: { checked: @application_setting.global_search_block_anonymous_searches_enabled, multiple: false } diff --git a/app/views/admin/application_settings/_global_search_settings.html.haml b/app/views/admin/application_settings/_global_search_settings.html.haml index 84986941cb9d55d9f09d728e95c67b6f37c42f57..cb9cd7b4e41942a3bcb0712d5c6dbed853858b32 100644 --- a/app/views/admin/application_settings/_global_search_settings.html.haml +++ b/app/views/admin/application_settings/_global_search_settings.html.haml @@ -1,10 +1,10 @@ -= render ::Layouts::SettingsBlockComponent.new(_('Global Search'), += render ::Layouts::SettingsBlockComponent.new(_('Visibility and access controls'), id: 'js-global-search-settings', testid: 'admin-global-search-settings', expanded: expanded_by_default?) do |c| - c.with_description do - = _('Configure settings for global search.') - = link_to _('Learn more.'), help_page_path('user/search/_index.md', anchor: 'disable-global-search-scopes'), target: '_blank', rel: 'noopener noreferrer' + = _('Configure search access and visibility settings for search scopes.') + = link_to _('Learn more.'), help_page_path('user/search/_index.md', anchor: 'restrict-search-access'), target: '_blank', rel: 'noopener noreferrer' - c.with_body do = gitlab_ui_form_for @application_setting, url: general_admin_application_settings_path(anchor: 'js-global-search-settings'), html: { class: 'fieldset-form', id: 'global-search-settings' } do |f| = form_errors(@application_setting) diff --git a/config/feature_flags/ops/allow_anonymous_searches.yml b/config/feature_flags/ops/allow_anonymous_searches.yml deleted file mode 100644 index 248beb7c39d531e2ed3eb133a2d6571a3d116392..0000000000000000000000000000000000000000 --- a/config/feature_flags/ops/allow_anonymous_searches.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -name: allow_anonymous_searches -introduced_by_url: https://gitlab.com/gitlab-org/gitlab/-/merge_requests/138975 -rollout_issue_url: https://gitlab.com/gitlab-org/gitlab/-/issues/434218 -milestone: '16.7' -type: ops -group: group::global search -default_enabled: true diff --git a/doc/user/search/_index.md b/doc/user/search/_index.md index ab8efb825178febf1f2e0829638e6de9f30f7898..7c925934d69fd0054e902e056a24a598327eaf26 100644 --- a/doc/user/search/_index.md +++ b/doc/user/search/_index.md @@ -64,8 +64,9 @@ For more information, see [issue 477333](https://gitlab.com/gitlab-org/gitlab/-/ {{< history >}} - Restricting global search to authenticated users [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/41041) in GitLab 13.4 [with a flag](../../administration/feature_flags.md) named `block_anonymous_global_searches`. Disabled by default. -- Enabling or disabling anonymous searches [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/138975) in GitLab 16.7 [with a flag](../../administration/feature_flags.md) named `allow_anonymous_searches`. Enabled by default. -- Enabling or disabling anonymous searches [generally available](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/186727) in GitLab 17.11 as a UI option, instead of the `block_anonymous_global_searches` flag. +- Allowing search for unauthenticated users [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/138975) in GitLab 16.7 [with a flag](../../administration/feature_flags.md) named `allow_anonymous_searches`. Enabled by default. +- Restricting global search to authenticated users [generally available](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/186727) in GitLab 17.11. Feature flag `block_anonymous_global_searches` removed. +- Allowing search for unauthenticated users [generally available](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/190090) in GitLab 18.0. Feature flag `allow_anonymous_searches` removed. {{< /history >}} @@ -77,16 +78,22 @@ By default, requests to `/search` and global search are available for unauthenti To restrict `/search` to authenticated users only, do one of the following: -- [Restrict public visibility](../../administration/settings/visibility_and_access_controls.md#restrict-visibility-levels) - of the project or group. -- Disable the [feature flag](../../administration/feature_flags.md) `allow_anonymous_searches`. +- [Restrict visibility levels](../../administration/settings/visibility_and_access_controls.md#restrict-visibility-levels) + for the project or group. +- Restrict access in the **Admin** area: + + 1. On the left sidebar, at the bottom, select **Admin**. + 1. Select **Settings > Search**. + 1. Expand **Advanced search**. + 1. Clear the **Allow unauthenticated users to use search** checkbox. + 1. Select **Save changes**. To restrict global search to authenticated users only: 1. On the left sidebar, at the bottom, select **Admin**. 1. Select **Settings > Search**. -1. Expand **Global search** -1. Select **Restrict global search to authenticated users**. +1. Expand **Visibility and access controls** +1. Select the **Restrict global search to authenticated users only** checkbox. 1. Select **Save changes**. ## Disable global search scopes @@ -116,7 +123,7 @@ To disable one or more global search scopes: 1. On the left sidebar, at the bottom, select **Admin**. 1. Select **Settings > Search**. -1. Expand **Global search**. +1. Expand **Visibility and access controls**. 1. Clear the checkboxes for the scopes you want to disable. 1. Select **Save changes**. diff --git a/ee/app/helpers/ee/application_settings_helper.rb b/ee/app/helpers/ee/application_settings_helper.rb index 215ba426ca39d8d829b4d0ca23a7d8abe08b746a..ea9a183acf800736513b8fbff6533ca40ca102e4 100644 --- a/ee/app/helpers/ee/application_settings_helper.rb +++ b/ee/app/helpers/ee/application_settings_helper.rb @@ -286,7 +286,7 @@ def global_search_settings_checkboxes(form) ), form.gitlab_ui_checkbox_component( :global_search_wiki_enabled, - _("Show wiki in global search results"), + _("Show wikis in global search results"), checkbox_options: { checked: @application_setting.global_search_wiki_enabled, multiple: false } ) ] diff --git a/ee/spec/helpers/ee/application_settings_helper_spec.rb b/ee/spec/helpers/ee/application_settings_helper_spec.rb index 1ce11724401089573b4290215bf1b7c6054e103e..7d8d4899fc519eb1eb220deaf8af02cff6f7eed6 100644 --- a/ee/spec/helpers/ee/application_settings_helper_spec.rb +++ b/ee/spec/helpers/ee/application_settings_helper_spec.rb @@ -260,15 +260,16 @@ it 'returns correctly checked checkboxes' do helper.gitlab_ui_form_for(application_setting, url: search_admin_application_settings_path) do |form| result = helper.global_search_settings_checkboxes(form) - expect(result[0]).not_to have_checked_field('Restrict global search to authenticated users', with: 1) - expect(result[1]).to have_checked_field('Show issues in global search results', with: 1) - expect(result[2]).not_to have_checked_field('Show merge requests in global search results', with: 1) - expect(result[3]).to have_checked_field('Show snippets in global search results', with: 1) - expect(result[4]).not_to have_checked_field('Show users in global search results', with: 1) - expect(result[5]).to have_checked_field('Show code in global search results', with: 1) - expect(result[6]).not_to have_checked_field('Show commits in global search results', with: 1) - expect(result[7]).to have_checked_field('Show epics in global search results', with: 1) - expect(result[8]).to have_checked_field('Show wiki in global search results', with: 1) + expect(result[0]).to have_checked_field('Allow unauthenticated users to use search', with: 1) + expect(result[1]).not_to have_checked_field('Restrict global search to authenticated users only', with: 1) + expect(result[2]).to have_checked_field('Show issues in global search results', with: 1) + expect(result[3]).not_to have_checked_field('Show merge requests in global search results', with: 1) + expect(result[4]).to have_checked_field('Show snippets in global search results', with: 1) + expect(result[5]).not_to have_checked_field('Show users in global search results', with: 1) + expect(result[6]).to have_checked_field('Show code in global search results', with: 1) + expect(result[7]).not_to have_checked_field('Show commits in global search results', with: 1) + expect(result[8]).to have_checked_field('Show epics in global search results', with: 1) + expect(result[9]).to have_checked_field('Show wikis in global search results', with: 1) end end end diff --git a/locale/gitlab.pot b/locale/gitlab.pot index be86a92c1753968aafb85163bb1996dc4869453d..cf835046054053c689f0af6e18cd9460df030451 100644 --- a/locale/gitlab.pot +++ b/locale/gitlab.pot @@ -6483,6 +6483,9 @@ msgstr "" msgid "Allow top-level group owners to create Service accounts." msgstr "" +msgid "Allow unauthenticated users to use search" +msgstr "" + msgid "Allow use of licensed EE features" msgstr "" @@ -16716,13 +16719,13 @@ msgstr "" msgid "Configure runner version management and registration settings." msgstr "" -msgid "Configure settings for Advanced Search with Elasticsearch." +msgid "Configure search access and visibility settings for search scopes." msgstr "" -msgid "Configure settings for exact code search." +msgid "Configure settings for Advanced Search with Elasticsearch." msgstr "" -msgid "Configure settings for global search." +msgid "Configure settings for exact code search." msgstr "" msgid "Configure specific limits for Files API requests that supersede the general user and IP rate limits." @@ -28346,9 +28349,6 @@ msgstr "" msgid "Global SAML group membership lock" msgstr "" -msgid "Global Search" -msgstr "" - msgid "Global Search is disabled for this scope" msgstr "" @@ -51162,7 +51162,7 @@ msgstr "" msgid "Restrict access by IP address" msgstr "" -msgid "Restrict global search to authenticated users" +msgid "Restrict global search to authenticated users only" msgstr "" msgid "Restrict membership by email domain" @@ -57372,7 +57372,7 @@ msgstr "" msgid "Show whitespace changes" msgstr "" -msgid "Show wiki in global search results" +msgid "Show wikis in global search results" msgstr "" msgid "Showing %d project." diff --git a/spec/controllers/search_controller_spec.rb b/spec/controllers/search_controller_spec.rb index 713c18f263996b1a51961d4c1aa8daa21371cda5..9fbc9fba743a1696c751930a7b83a031b655b9e8 100644 --- a/spec/controllers/search_controller_spec.rb +++ b/spec/controllers/search_controller_spec.rb @@ -252,9 +252,9 @@ end end - context 'when allow_anonymous_searches is disabled' do + context 'when anonymous_searches_allowed is disabled' do before do - stub_feature_flags(allow_anonymous_searches: false) + stub_application_setting(anonymous_searches_allowed: false) end context 'for unauthenticated user' do @@ -754,7 +754,7 @@ def request describe 'redirecting' do using RSpec::Parameterized::TableSyntax - where(:restricted_visibility_levels, :allow_anonymous_searches, :block_anonymous_global_searches, :redirect) do + where(:restricted_visibility_levels, :anonymous_searches_allowed, :block_anonymous_global_searches, :redirect) do [Gitlab::VisibilityLevel::PUBLIC] | true | false | true [Gitlab::VisibilityLevel::PRIVATE] | true | false | false nil | true | false | false @@ -766,7 +766,7 @@ def request with_them do before do stub_application_setting(restricted_visibility_levels: restricted_visibility_levels) - stub_feature_flags(allow_anonymous_searches: allow_anonymous_searches) + stub_application_setting(anonymous_searches_allowed: anonymous_searches_allowed) stub_application_setting(global_search_block_anonymous_searches_enabled: block_anonymous_global_searches) end diff --git a/spec/helpers/application_settings_helper_spec.rb b/spec/helpers/application_settings_helper_spec.rb index 4c59e8a688153b7982f4aefeca0b075b24170072..5833a674e8194bc7b53e82ef9d789157a252877e 100644 --- a/spec/helpers/application_settings_helper_spec.rb +++ b/spec/helpers/application_settings_helper_spec.rb @@ -402,11 +402,12 @@ it 'returns correctly checked checkboxes' do helper.gitlab_ui_form_for(application_setting, url: search_admin_application_settings_path) do |form| result = helper.global_search_settings_checkboxes(form) - expect(result[0]).to have_checked_field('Restrict global search to authenticated users', with: 1) - expect(result[1]).to have_checked_field('Show issues in global search results', with: 1) - expect(result[2]).not_to have_checked_field('Show merge requests in global search results', with: 1) - expect(result[3]).to have_checked_field('Show snippets in global search results', with: 1) - expect(result[4]).not_to have_checked_field('Show users in global search results', with: 1) + expect(result[0]).to have_checked_field('Allow unauthenticated users to use search', with: 1) + expect(result[1]).to have_checked_field('Restrict global search to authenticated users only', with: 1) + expect(result[2]).to have_checked_field('Show issues in global search results', with: 1) + expect(result[3]).not_to have_checked_field('Show merge requests in global search results', with: 1) + expect(result[4]).to have_checked_field('Show snippets in global search results', with: 1) + expect(result[5]).not_to have_checked_field('Show users in global search results', with: 1) end end end