Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jérome Perrin
gitlab-ce
Commits
5551ccd7
Commit
5551ccd7
authored
Mar 02, 2016
by
Felipe Artur
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Code improvements
parent
f2a9ee25
Changes
10
Hide whitespace changes
Inline
Side-by-side
Showing
10 changed files
with
42 additions
and
33 deletions
+42
-33
app/controllers/groups_controller.rb
app/controllers/groups_controller.rb
+2
-2
app/controllers/users_controller.rb
app/controllers/users_controller.rb
+10
-0
app/finders/groups_finder.rb
app/finders/groups_finder.rb
+2
-11
app/helpers/groups_helper.rb
app/helpers/groups_helper.rb
+1
-1
app/models/ability.rb
app/models/ability.rb
+11
-7
app/models/concerns/shared_scopes.rb
app/models/concerns/shared_scopes.rb
+8
-0
app/models/group.rb
app/models/group.rb
+5
-5
app/models/project.rb
app/models/project.rb
+1
-2
db/migrate/20160301124843_add_visibility_level_to_groups.rb
db/migrate/20160301124843_add_visibility_level_to_groups.rb
+1
-4
db/schema.rb
db/schema.rb
+1
-1
No files found.
app/controllers/groups_controller.rb
View file @
5551ccd7
...
@@ -9,7 +9,7 @@ class GroupsController < Groups::ApplicationController
...
@@ -9,7 +9,7 @@ class GroupsController < Groups::ApplicationController
before_action
:group
,
except:
[
:index
,
:new
,
:create
]
before_action
:group
,
except:
[
:index
,
:new
,
:create
]
# Authorize
# Authorize
before_action
:authorize_read_group!
,
except:
[
:index
,
:
show
,
:new
,
:create
,
:autocomple
te
]
before_action
:authorize_read_group!
,
except:
[
:index
,
:
new
,
:crea
te
]
before_action
:authorize_admin_group!
,
only:
[
:edit
,
:update
,
:destroy
,
:projects
]
before_action
:authorize_admin_group!
,
only:
[
:edit
,
:update
,
:destroy
,
:projects
]
before_action
:authorize_create_group!
,
only:
[
:new
,
:create
]
before_action
:authorize_create_group!
,
only:
[
:new
,
:create
]
...
@@ -105,7 +105,7 @@ class GroupsController < Groups::ApplicationController
...
@@ -105,7 +105,7 @@ class GroupsController < Groups::ApplicationController
# Dont allow unauthorized access to group
# Dont allow unauthorized access to group
def
authorize_read_group!
def
authorize_read_group!
unless
@group
and
(
@projects
.
present?
or
can?
(
current_user
,
:read_group
,
@group
)
)
unless
can?
(
current_user
,
:read_group
,
@group
)
if
current_user
.
nil?
if
current_user
.
nil?
return
authenticate_user!
return
authenticate_user!
else
else
...
...
app/controllers/users_controller.rb
View file @
5551ccd7
...
@@ -3,6 +3,16 @@ class UsersController < ApplicationController
...
@@ -3,6 +3,16 @@ class UsersController < ApplicationController
before_action
:set_user
before_action
:set_user
def
show
def
show
<<<<<<<
HEAD
=======
@contributed_projects
=
contributed_projects
.
joined
(
@user
).
reject
(
&
:forked?
)
@projects
=
PersonalProjectsFinder
.
new
(
@user
).
execute
(
current_user
)
@projects
=
@projects
.
page
(
params
[
:page
]).
per
(
PER_PAGE
)
@groups
=
@user
.
groups
.
order_id_desc
>>>>>>>
Code
improvements
respond_to
do
|
format
|
respond_to
do
|
format
|
format
.
html
format
.
html
...
...
app/finders/groups_finder.rb
View file @
5551ccd7
class
GroupsFinder
class
GroupsFinder
def
execute
(
current_user
=
nil
)
def
execute
(
current_user
=
nil
)
segments
=
all_groups
(
current_user
)
segments
=
all_groups
(
current_user
)
if
segments
.
length
>
1
if
segments
.
length
>
1
...
@@ -15,17 +14,9 @@ class GroupsFinder
...
@@ -15,17 +14,9 @@ class GroupsFinder
def
all_groups
(
current_user
)
def
all_groups
(
current_user
)
if
current_user
if
current_user
[
current_user
.
authorized_groups
,
public_and_internal_groups
]
[
current_user
.
authorized_groups
,
Group
.
unscoped
.
public_and_internal_only
]
else
else
[
Group
.
public_only
]
[
Group
.
unscoped
.
public_only
]
end
end
end
end
def
public_groups
Group
.
unscoped
.
public_only
end
def
public_and_internal_groups
Group
.
unscoped
.
public_and_internal_only
end
end
end
app/helpers/groups_helper.rb
View file @
5551ccd7
...
@@ -28,7 +28,7 @@ module GroupsHelper
...
@@ -28,7 +28,7 @@ module GroupsHelper
group
=
Group
.
find_by
(
path:
group
)
group
=
Group
.
find_by
(
path:
group
)
end
end
if
group
&&
group
.
avatar
.
present?
if
group
&&
can?
(
current_user
,
:read_group
,
group
)
&&
group
.
avatar
.
present?
group
.
avatar
.
url
group
.
avatar
.
url
else
else
'no_group_avatar.png'
'no_group_avatar.png'
...
...
app/models/ability.rb
View file @
5551ccd7
...
@@ -83,7 +83,7 @@ class Ability
...
@@ -83,7 +83,7 @@ class Ability
subject
.
group
subject
.
group
end
end
if
group
&&
group
.
p
rojects
.
public_only
.
any
?
if
group
&&
group
.
p
ublic
?
[
:read_group
]
[
:read_group
]
else
else
[]
[]
...
@@ -271,16 +271,13 @@ class Ability
...
@@ -271,16 +271,13 @@ class Ability
def
group_abilities
(
user
,
group
)
def
group_abilities
(
user
,
group
)
rules
=
[]
rules
=
[]
if
user
.
admin?
||
group
.
users
.
include?
(
user
)
||
ProjectsFinder
.
new
.
execute
(
user
,
group:
group
).
any?
rules
<<
:read_group
if
can_read_group?
(
user
,
group
)
rules
<<
:read_group
end
# Only group masters and group owners can create new projects and change permission level
# Only group masters and group owners can create new projects and change permission level
if
group
.
has_master?
(
user
)
||
group
.
has_owner?
(
user
)
||
user
.
admin?
if
group
.
has_master?
(
user
)
||
group
.
has_owner?
(
user
)
||
user
.
admin?
rules
+=
[
rules
+=
[
:create_projects
,
:create_projects
,
:admin_milestones
,
:admin_milestones
:change_visibility_level
]
]
end
end
...
@@ -289,13 +286,20 @@ class Ability
...
@@ -289,13 +286,20 @@ class Ability
rules
+=
[
rules
+=
[
:admin_group
,
:admin_group
,
:admin_namespace
,
:admin_namespace
,
:admin_group_member
:admin_group_member
,
:change_visibility_level
]
]
end
end
rules
.
flatten
rules
.
flatten
end
end
def
can_read_group?
(
user
,
group
)
is_project_member
=
ProjectsFinder
.
new
.
execute
(
user
,
group:
group
).
any?
internal_group_allowed
=
group
.
internal?
&&
user
.
present?
user
.
admin?
||
group
.
users
.
include?
(
user
)
||
is_project_member
||
group
.
public?
||
internal_group_allowed
end
def
namespace_abilities
(
user
,
namespace
)
def
namespace_abilities
(
user
,
namespace
)
rules
=
[]
rules
=
[]
...
...
app/models/concerns/shared_scopes.rb
0 → 100644
View file @
5551ccd7
module
SharedScopes
extend
ActiveSupport
::
Concern
included
do
scope
:public_only
,
->
{
where
(
visibility_level:
Group
::
PUBLIC
)
}
scope
:public_and_internal_only
,
->
{
where
(
visibility_level:
[
Group
::
PUBLIC
,
Group
::
INTERNAL
]
)
}
end
end
app/models/group.rb
View file @
5551ccd7
...
@@ -21,7 +21,7 @@ class Group < Namespace
...
@@ -21,7 +21,7 @@ class Group < Namespace
include
Gitlab
::
ConfigHelper
include
Gitlab
::
ConfigHelper
include
Gitlab
::
VisibilityLevel
include
Gitlab
::
VisibilityLevel
include
Referable
include
Referable
include
SharedScopes
has_many
:group_members
,
dependent: :destroy
,
as: :source
,
class_name:
'GroupMember'
has_many
:group_members
,
dependent: :destroy
,
as: :source
,
class_name:
'GroupMember'
alias_method
:members
,
:group_members
alias_method
:members
,
:group_members
...
@@ -35,10 +35,6 @@ class Group < Namespace
...
@@ -35,10 +35,6 @@ class Group < Namespace
after_create
:post_create_hook
after_create
:post_create_hook
after_destroy
:post_destroy_hook
after_destroy
:post_destroy_hook
scope
:public_only
,
->
{
where
(
visibility_level:
Group
::
PUBLIC
)
}
scope
:public_and_internal_only
,
->
{
where
(
visibility_level:
[
Group
::
PUBLIC
,
Group
::
INTERNAL
]
)
}
class
<<
self
class
<<
self
def
search
(
query
)
def
search
(
query
)
where
(
"LOWER(namespaces.name) LIKE :query or LOWER(namespaces.path) LIKE :query"
,
query:
"%
#{
query
.
downcase
}
%"
)
where
(
"LOWER(namespaces.name) LIKE :query or LOWER(namespaces.path) LIKE :query"
,
query:
"%
#{
query
.
downcase
}
%"
)
...
@@ -69,6 +65,10 @@ class Group < Namespace
...
@@ -69,6 +65,10 @@ class Group < Namespace
name
name
end
end
def
visibility_level_field
visibility_level
end
def
avatar_url
(
size
=
nil
)
def
avatar_url
(
size
=
nil
)
if
avatar
.
present?
if
avatar
.
present?
[
gitlab_config
.
url
,
avatar
.
url
].
join
[
gitlab_config
.
url
,
avatar
.
url
].
join
...
...
app/models/project.rb
View file @
5551ccd7
...
@@ -52,6 +52,7 @@ class Project < ActiveRecord::Base
...
@@ -52,6 +52,7 @@ class Project < ActiveRecord::Base
include
AfterCommitQueue
include
AfterCommitQueue
include
CaseSensitivity
include
CaseSensitivity
include
TokenAuthenticatable
include
TokenAuthenticatable
include
SharedScopes
extend
Gitlab
::
ConfigHelper
extend
Gitlab
::
ConfigHelper
...
@@ -213,8 +214,6 @@ class Project < ActiveRecord::Base
...
@@ -213,8 +214,6 @@ class Project < ActiveRecord::Base
scope
:in_group_namespace
,
->
{
joins
(
:group
)
}
scope
:in_group_namespace
,
->
{
joins
(
:group
)
}
scope
:personal
,
->
(
user
)
{
where
(
namespace_id:
user
.
namespace_id
)
}
scope
:personal
,
->
(
user
)
{
where
(
namespace_id:
user
.
namespace_id
)
}
scope
:joined
,
->
(
user
)
{
where
(
'namespace_id != ?'
,
user
.
namespace_id
)
}
scope
:joined
,
->
(
user
)
{
where
(
'namespace_id != ?'
,
user
.
namespace_id
)
}
scope
:public_only
,
->
{
where
(
visibility_level:
Project
::
PUBLIC
)
}
scope
:public_and_internal_only
,
->
{
where
(
visibility_level:
Project
.
public_and_internal_levels
)
}
scope
:non_archived
,
->
{
where
(
archived:
false
)
}
scope
:non_archived
,
->
{
where
(
archived:
false
)
}
scope
:for_milestones
,
->
(
ids
)
{
joins
(
:milestones
).
where
(
'milestones.id'
=>
ids
).
distinct
}
scope
:for_milestones
,
->
(
ids
)
{
joins
(
:milestones
).
where
(
'milestones.id'
=>
ids
).
distinct
}
...
...
db/migrate/20160301124843_add_visibility_level_to_groups.rb
View file @
5551ccd7
class
AddVisibilityLevelToGroups
<
ActiveRecord
::
Migration
class
AddVisibilityLevelToGroups
<
ActiveRecord
::
Migration
def
change
def
change
#All groups will be private when created
#All groups will be private when created
add_column
:namespaces
,
:visibility_level
,
:integer
,
null:
false
,
default:
0
add_column
:namespaces
,
:visibility_level
,
:integer
,
null:
false
,
default:
20
#Set all existing groups to public
Group
.
update_all
(
visibility_level:
20
)
end
end
end
end
db/schema.rb
View file @
5551ccd7
...
@@ -11,7 +11,7 @@
...
@@ -11,7 +11,7 @@
#
#
# It's strongly recommended that you check this file into your version control system.
# It's strongly recommended that you check this file into your version control system.
ActiveRecord
::
Schema
.
define
(
version:
2016030
5220806
)
do
ActiveRecord
::
Schema
.
define
(
version:
2016030
1124843
)
do
# These are extensions that must be enabled in order to support this database
# These are extensions that must be enabled in order to support this database
enable_extension
"plpgsql"
enable_extension
"plpgsql"
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment