From 694768e51870ebb24a25730188e018782d3175ca Mon Sep 17 00:00:00 2001
From: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Date: Wed, 11 Sep 2013 21:00:16 +0300
Subject: [PATCH] Fix 404 if Group guest visit empty group page

---
 app/controllers/groups_controller.rb | 2 +-
 app/models/ability.rb                | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index 3378675..9dc9afe 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -110,7 +110,7 @@ class GroupsController < ApplicationController
 
   # Dont allow unauthorized access to group
   def authorize_read_group!
-    unless projects.present? or can?(current_user, :manage_group, @group)
+    unless projects.present? or can?(current_user, :read_group, @group)
       return render_404
     end
   end
diff --git a/app/models/ability.rb b/app/models/ability.rb
index 74f92fe..8335829 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -135,6 +135,10 @@ class Ability
     def group_abilities user, group
       rules = []
 
+      if group.users.include?(user)
+        rules << :read_group
+      end
+
       # Only group owner and administrators can manage group
       if group.owners.include?(user) || user.admin?
         rules << [
--
libgit2 0.21.2