Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
iv
gitlab-ce
Commits
19b80e82
Commit
19b80e82
authored
Jul 05, 2016
by
Rémy Coutable
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Add a migration to remove requesters that are owners of their project
Signed-off-by:
Rémy Coutable
<
remy@rymai.me
>
parent
9ea80a19
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
53 additions
and
11 deletions
+53
-11
app/models/ability.rb
app/models/ability.rb
+12
-10
db/migrate/20160705163108_remove_requesters_that_are_owners.rb
...grate/20160705163108_remove_requesters_that_are_owners.rb
+40
-0
db/schema.rb
db/schema.rb
+1
-1
No files found.
app/models/ability.rb
View file @
19b80e82
...
@@ -171,14 +171,9 @@ class Ability
...
@@ -171,14 +171,9 @@ class Ability
# Allow to read builds for internal projects
# Allow to read builds for internal projects
rules
<<
:read_build
if
project
.
public_builds?
rules
<<
:read_build
if
project
.
public_builds?
group_member
=
unless
owner
||
project
.
team
.
member?
(
user
)
||
project_group_member?
(
project
,
user
)
project
.
group
&&
rules
<<
:request_access
(
end
project
.
group
.
members
.
exists?
(
user_id:
user
.
id
)
||
project
.
group
.
requesters
.
exists?
(
user_id:
user
.
id
)
)
rules
<<
:request_access
unless
owner
||
group_member
||
project
.
team
.
member?
(
user
)
end
end
if
project
.
archived?
if
project
.
archived?
...
@@ -501,8 +496,7 @@ class Ability
...
@@ -501,8 +496,7 @@ class Ability
target_user
=
subject
.
user
target_user
=
subject
.
user
project
=
subject
.
project
project
=
subject
.
project
# Allow owners that requested access to their own project to destroy themselves
unless
target_user
==
project
.
owner
if
target_user
!=
project
.
owner
||
subject
.
request?
can_manage
=
project_abilities
(
user
,
project
).
include?
(
:admin_project_member
)
can_manage
=
project_abilities
(
user
,
project
).
include?
(
:admin_project_member
)
if
can_manage
if
can_manage
...
@@ -582,5 +576,13 @@ class Ability
...
@@ -582,5 +576,13 @@ class Ability
rules
rules
end
end
def
project_group_member?
(
project
,
user
)
project
.
group
&&
(
project
.
group
.
members
.
exists?
(
user_id:
user
.
id
)
||
project
.
group
.
requesters
.
exists?
(
user_id:
user
.
id
)
)
end
end
end
end
end
db/migrate/20160705163108_remove_requesters_that_are_owners.rb
0 → 100644
View file @
19b80e82
class
RemoveRequestersThatAreOwners
<
ActiveRecord
::
Migration
include
Gitlab
::
Database
::
MigrationHelpers
def
up
# Delete requesters that are owner of their projects and actually requested
# access to it
execute
<<-
SQL
DELETE FROM members
WHERE members.source_type = 'Project'
AND members.type = 'ProjectMember'
AND members.requested_at IS NOT NULL
AND members.user_id = (
SELECT namespaces.owner_id
FROM namespaces
JOIN projects ON namespaces.id = projects.namespace_id
WHERE namespaces.type IS NULL
AND projects.id = members.source_id
AND namespaces.owner_id = members.user_id);
SQL
# Delete requesters that are owner of their project's group and actually requested
# access to it
execute
<<-
SQL
DELETE FROM members
WHERE members.source_type = 'Project'
AND members.type = 'ProjectMember'
AND members.requested_at IS NOT NULL
AND members.user_id = (
SELECT namespaces.owner_id
FROM namespaces
JOIN projects ON namespaces.id = projects.namespace_id
WHERE namespaces.type = 'Group'
AND projects.id = members.source_id
AND namespaces.owner_id = members.user_id);
SQL
end
def
down
end
end
db/schema.rb
View file @
19b80e82
...
@@ -11,7 +11,7 @@
...
@@ -11,7 +11,7 @@
#
#
# It's strongly recommended that you check this file into your version control system.
# It's strongly recommended that you check this file into your version control system.
ActiveRecord
::
Schema
.
define
(
version:
2016070
3180340
)
do
ActiveRecord
::
Schema
.
define
(
version:
2016070
5163108
)
do
# These are extensions that must be enabled in order to support this database
# These are extensions that must be enabled in order to support this database
enable_extension
"plpgsql"
enable_extension
"plpgsql"
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment