Merge branch 'add-private-projects-to-scope' into 'master'

Adds back private projects to Ci::Catalog::Listing See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/138195 Merged-by: Avielle Wolfe <awolfe@gitlab.com> Approved-by: Avielle Wolfe <awolfe@gitlab.com> Reviewed-by: Furkan Ayhan <furkanayhn@gmail.com> Co-authored-by: Laura Montemayor <lmontemayor@gitlab.com>

Merge branch 'add-private-projects-to-scope' into 'master'
80a42010 · Avielle Wolfe · 60c43387 · 3d96981c · 80a42010 · 80a42010
--- a/app/models/ci/catalog/listing.rb
+++ b/app/models/ci/catalog/listing.rb
@@ -60,7 +60,7 @@ def by_search(relation, search)

      def by_scope(relation, scope)
        if scope == :namespaces && Feature.enabled?(:ci_guard_for_catalog_resource_scope, current_user)
-          relation.merge(Project.public_and_internal_only.visible_to_user(current_user))
+          relation.merge(Project.visible_to_user(current_user))
        else
          relation.merge(Project.public_or_visible_to_user(current_user))
        end

--- a/spec/graphql/resolvers/ci/catalog/resources_resolver_spec.rb
+++ b/spec/graphql/resolvers/ci/catalog/resources_resolver_spec.rb
@@ -12,7 +12,7 @@
    create(:project, :public, name: 'public', description: 'Test', namespace: namespace)
  end

-  let_it_be(:internal_project) { create(:project, :internal, :private, name: 'internal') }
+  let_it_be(:internal_project) { create(:project, :internal, name: 'internal') }
  let_it_be(:private_resource) { create(:ci_catalog_resource, :published, project: private_namespace_project) }
  let_it_be(:private_resource_2) { create(:ci_catalog_resource, project: private_namespace_project_2) }
  let_it_be(:public_resource) { create(:ci_catalog_resource, :published, project: public_namespace_project) }
@@ -40,7 +40,7 @@
    context 'with an authorized user' do
      before_all do
        namespace.add_reporter(user)
-        internal_project.add_owner(user)
+        internal_project.add_reporter(user)
      end

      context 'when the project path argument is provided' do
@@ -83,13 +83,14 @@
        context 'when the scope argument is :namespaces' do
          let(:scope) { 'NAMESPACES' }

-          it 'returns only internal and public projects of the namespaces the user is a member of' do
+          it 'returns projects of the namespaces the user is a member of' do
            namespace = create(:namespace, owner: user)
            internal_public_project = create(:project, :internal, name: 'internal public', namespace: namespace)
            create(:ci_catalog_resource, :published, project: internal_public_project)

-            expect(result.items.count).to be(2)
-            expect(result.items.pluck(:name)).to contain_exactly('public', 'internal public')
+            expect(result.items.count).to be(4)
+            expect(result.items.pluck(:name)).to contain_exactly('public', 'internal public', 'internal',
+              'z private test')
          end
        end

@@ -115,7 +116,9 @@
      end
    end

-    context 'when the current user cannot read the namespace catalog' do
+    context 'when the user is anonymous' do
+      let_it_be(:user) { nil }
+
      it 'returns only public projects' do
        expect(result.items.count).to be(1)
        expect(result.items.pluck(:name)).to contain_exactly('public')

--- a/spec/models/ci/catalog/listing_spec.rb
+++ b/spec/models/ci/catalog/listing_spec.rb
@@ -76,7 +76,8 @@

      context 'when the `ci_guard_query_for_catalog_resource_scope` ff is enabled' do
        it "returns the catalog resources belonging to the user's authorized namespaces" do
-          is_expected.to contain_exactly(public_resource_a, public_resource_b, internal_resource)
+          is_expected.to contain_exactly(public_resource_a, public_resource_b, internal_resource,
+            private_namespace_resource)
        end
      end