Commit 2f0a764d authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Fix user page performance and authorization

parent 75d2145e
......@@ -4,11 +4,8 @@ class UsersController < ApplicationController
layout :determine_layout
def show
# Projects user can view
visible_projects = ProjectsFinder.new.execute(current_user)
authorized_projects_ids = visible_projects.pluck(:id)
@contributed_projects = Project.where(id: authorized_projects_ids).
@contributed_projects = Project.
where(id: authorized_projects_ids & @user.contributed_projects_ids).
in_group_namespace.includes(:namespace)
@projects = @user.personal_projects.
......@@ -32,8 +29,8 @@ class UsersController < ApplicationController
end
def calendar
visible_projects = ProjectsFinder.new.execute(current_user)
calendar = Gitlab::CommitsCalendar.new(visible_projects, @user)
projects = Project.where(id: authorized_projects_ids & @user.contributed_projects_ids)
calendar = Gitlab::CommitsCalendar.new(projects, @user)
@timestamps = calendar.timestamps
@starting_year = calendar.starting_year
@starting_month = calendar.starting_month
......@@ -58,4 +55,10 @@ class UsersController < ApplicationController
return authenticate_user!
end
end
def authorized_projects_ids
# Projects user can view
@authorized_projects_ids ||=
ProjectsFinder.new.execute(current_user).pluck(:id)
end
end
......@@ -607,4 +607,11 @@ class User < ActiveRecord::Base
def oauth_authorized_tokens
Doorkeeper::AccessToken.where(resource_owner_id: self.id, revoked_at: nil)
end
def contributed_projects_ids
Event.where(author_id: self).
reorder(project_id: :desc).
select('DISTINCT(project_id)').
map(&:project_id)
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment