From 2e672c39a09577a0a16e75a10a249c923d8ee863 Mon Sep 17 00:00:00 2001
From: Vinnie Okada <vincent@gitlab.com>
Date: Mon, 16 Mar 2015 13:59:50 -0600
Subject: [PATCH] Fix restricted visibility bugs

Check for nil values in the restricted_visibility_level validation
method, and set the restricted visibility request parameter to `[]` when
it's missing from the request.
---
 app/controllers/admin/application_settings_controller.rb | 4 +++-
 app/models/application_setting.rb                        | 8 +++++---
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/app/controllers/admin/application_settings_controller.rb b/app/controllers/admin/application_settings_controller.rb
index 8f7d5e8006f57..9a5685877f8e2 100644
--- a/app/controllers/admin/application_settings_controller.rb
+++ b/app/controllers/admin/application_settings_controller.rb
@@ -21,7 +21,9 @@ def set_application_setting
 
   def application_setting_params
     restricted_levels = params[:application_setting][:restricted_visibility_levels]
-    unless restricted_levels.nil?
+    if restricted_levels.nil?
+      params[:application_setting][:restricted_visibility_levels] = []
+    else
       restricted_levels.map! do |level|
         level.to_i
       end
diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb
index 6abdf0c755a0b..1c87db613ae49 100644
--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -27,9 +27,11 @@ class ApplicationSetting < ActiveRecord::Base
     if: :home_page_url_column_exist
 
   validates_each :restricted_visibility_levels do |record, attr, value|
-    value.each do |level|
-      unless Gitlab::VisibilityLevel.options.has_value?(level)
-        record.errors.add(attr, "'#{level}' is not a valid visibility level")
+    unless value.nil?
+      value.each do |level|
+        unless Gitlab::VisibilityLevel.options.has_value?(level)
+          record.errors.add(attr, "'#{level}' is not a valid visibility level")
+        end
       end
     end
   end
-- 
GitLab