Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
39011be5
Commit
39011be5
authored
Mar 02, 2018
by
Andreas Brandl
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Extract method User#authorizations_for_projects.
parent
0a3fc7e3
Changes
4
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
40 additions
and
17 deletions
+40
-17
app/finders/snippets_finder.rb
app/finders/snippets_finder.rb
+1
-5
app/models/project.rb
app/models/project.rb
+4
-12
app/models/user.rb
app/models/user.rb
+9
-0
spec/models/user_spec.rb
spec/models/user_spec.rb
+26
-0
No files found.
app/finders/snippets_finder.rb
View file @
39011be5
...
...
@@ -72,11 +72,7 @@ class SnippetsFinder < UnionFinder
# we can shortcut and just return.
return
yield
(
Project
.
all
)
if
current_user
.
full_private_access?
authorized
=
current_user
.
project_authorizations
.
select
(
1
)
.
where
(
'project_authorizations.project_id = projects.id'
)
authorized_projects
=
yield
(
Project
.
where
(
'EXISTS (?)'
,
authorized
))
authorized_projects
=
yield
(
Project
.
where
(
'EXISTS (?)'
,
current_user
.
authorizations_for_projects
))
levels
=
Gitlab
::
VisibilityLevel
.
levels_for_user
(
current_user
)
visible_projects
=
yield
(
Project
.
where
(
visibility_level:
levels
))
...
...
app/models/project.rb
View file @
39011be5
...
...
@@ -319,14 +319,9 @@ class Project < ActiveRecord::Base
# logged in user.
def
self
.
public_or_visible_to_user
(
user
=
nil
)
if
user
authorized
=
user
.
project_authorizations
.
select
(
1
)
.
where
(
'project_authorizations.project_id = projects.id'
)
levels
=
Gitlab
::
VisibilityLevel
.
levels_for_user
(
user
)
where
(
'EXISTS (?) OR projects.visibility_level IN (?)'
,
authorized
,
levels
)
where
(
'EXISTS (?) OR projects.visibility_level IN (?)'
,
user
.
authorizations_for_projects
,
Gitlab
::
VisibilityLevel
.
levels_for_user
(
user
))
else
public_to_user
end
...
...
@@ -347,14 +342,11 @@ class Project < ActiveRecord::Base
elsif
user
column
=
ProjectFeature
.
quoted_access_level_column
(
feature
)
authorized
=
user
.
project_authorizations
.
select
(
1
)
.
where
(
'project_authorizations.project_id = projects.id'
)
with_project_feature
.
where
(
"
#{
column
}
IN (?) OR (
#{
column
}
= ? AND EXISTS (?))"
,
visible
,
ProjectFeature
::
PRIVATE
,
authorized
)
user
.
authorizations_for_projects
)
else
with_feature_access_level
(
feature
,
visible
)
end
...
...
app/models/user.rb
View file @
39011be5
...
...
@@ -601,6 +601,15 @@ class User < ActiveRecord::Base
authorized_projects
(
min_access_level
).
exists?
({
id:
project
.
id
})
end
# Typically used in conjunction with projects table to get projects
# a user has been given access to.
#
# Example use:
# `Project.where('EXISTS(?)', user.authorizations_for_projects)`
def
authorizations_for_projects
project_authorizations
.
select
(
1
).
where
(
'project_authorizations.project_id = projects.id'
)
end
# Returns the projects this user has reporter (or greater) access to, limited
# to at most the given projects.
#
...
...
spec/models/user_spec.rb
View file @
39011be5
...
...
@@ -1635,6 +1635,32 @@ describe User do
end
end
describe
'#authorizations_for_projects'
do
let!
(
:user
)
{
create
(
:user
)
}
subject
{
Project
.
where
(
"EXISTS (?)"
,
user
.
authorizations_for_projects
)
}
it
'includes projects that belong to a user, but no other projects'
do
owned
=
create
(
:project
,
:private
,
namespace:
user
.
namespace
)
member
=
create
(
:project
,
:private
).
tap
{
|
p
|
p
.
add_master
(
user
)
}
other
=
create
(
:project
)
expect
(
subject
).
to
include
(
owned
)
expect
(
subject
).
to
include
(
member
)
expect
(
subject
).
not_to
include
(
other
)
end
it
'includes projects a user has access to, but no other projects'
do
other_user
=
create
(
:user
)
accessible
=
create
(
:project
,
:private
,
namespace:
other_user
.
namespace
)
do
|
project
|
project
.
add_developer
(
user
)
end
other
=
create
(
:project
)
expect
(
subject
).
to
include
(
accessible
)
expect
(
subject
).
not_to
include
(
other
)
end
end
describe
'#authorized_projects'
,
:delete
do
context
'with a minimum access level'
do
it
'includes projects for which the user is an owner'
do
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment