2 files changed, 33 insertions, 5 deletions

diff --git a/app/finders/base_finder.rb b/app/finders/base_finder.rb
index 7fc5840561c..7150bb2e31b 100644
--- a/app/finders/base_finder.rb
+++ b/app/finders/base_finder.rb
@@ -49,7 +49,7 @@ class BaseFinder
     elsif current_user && params[:authorized_only].presence
       klass.of_projects(current_user.authorized_projects).references(:project)
     else
-      klass.of_projects(Project.accessible_to(current_user)).references(:project)
+      klass.of_projects(ProjectsFinder.new.execute(current_user)).references(:project)
     end
   end
 
diff --git a/app/finders/projects_finder.rb b/app/finders/projects_finder.rb
index bfaba758788..26898bad493 100644
--- a/app/finders/projects_finder.rb
+++ b/app/finders/projects_finder.rb
@@ -1,5 +1,5 @@
 class ProjectsFinder
-  def execute(current_user, options)
+  def execute(current_user, options = {})
     group = options[:group]
 
     if group
@@ -56,8 +56,36 @@ class ProjectsFinder
     end
   end
 
-  def all_projects
-    # TODO: implement
-    raise 'Not implemented yet'
+  def all_projects(current_user)
+    if current_user
+      if current_user.authorized_projects.any?
+        # User has access to private projects
+        #
+        # Return only:
+        #   public projects
+        #   internal projects
+        #   joined projects
+        #
+        Project.where(
+          "projects.id IN (?) OR projects.visibility_level IN (?)",
+          current_user.authorized_projects.pluck(:id),
+          Project.public_and_internal_levels
+        )
+      else
+        # User has no access to private projects
+        #
+        # Return only:
+        #   public projects
+        #   internal projects
+        #
+        Project.public_and_internal_only
+      end
+    else
+      # Not authenticated
+      #
+      # Return only:
+      #   public projects
+      Project.public_only
+    end
   end
 end