From f0ba001877e074eb8046f476c9972a47fe108f1b Mon Sep 17 00:00:00 2001
From: Adam Niedzielski <adamsunday@gmail.com>
Date: Wed, 28 Dec 2016 14:41:30 +0100
Subject: [PATCH] Cache project authorizations even when user has access to
 zero projects

---
 .../refresh_authorized_projects_service.rb    |  2 +-
 .../26126-cache-even-when-no-projects.yml     |  4 ++
 ...efresh_authorized_projects_service_spec.rb | 37 ++++++++++++++++---
 3 files changed, 36 insertions(+), 7 deletions(-)
 create mode 100644 changelogs/unreleased/26126-cache-even-when-no-projects.yml

diff --git a/app/services/users/refresh_authorized_projects_service.rb b/app/services/users/refresh_authorized_projects_service.rb
index 7d38ac3a37..8559908e0c 100644
--- a/app/services/users/refresh_authorized_projects_service.rb
+++ b/app/services/users/refresh_authorized_projects_service.rb
@@ -74,7 +74,7 @@ module Users
     # remove - The IDs of the authorization rows to remove.
     # add - Rows to insert in the form `[user id, project id, access level]`
     def update_authorizations(remove = [], add = [])
-      return if remove.empty? && add.empty?
+      return if remove.empty? && add.empty? && user.authorized_projects_populated
 
       User.transaction do
         user.remove_project_authorizations(remove) unless remove.empty?
diff --git a/changelogs/unreleased/26126-cache-even-when-no-projects.yml b/changelogs/unreleased/26126-cache-even-when-no-projects.yml
new file mode 100644
index 0000000000..53e14ac9ed
--- /dev/null
+++ b/changelogs/unreleased/26126-cache-even-when-no-projects.yml
@@ -0,0 +1,4 @@
+---
+title: Cache project authorizations even when user has access to zero projects
+merge_request: 8327
+author:
diff --git a/spec/services/users/refresh_authorized_projects_service_spec.rb b/spec/services/users/refresh_authorized_projects_service_spec.rb
index 72c8f7cd8e..1f6919151d 100644
--- a/spec/services/users/refresh_authorized_projects_service_spec.rb
+++ b/spec/services/users/refresh_authorized_projects_service_spec.rb
@@ -54,12 +54,37 @@ describe Users::RefreshAuthorizedProjectsService do
   end
 
   describe '#update_authorizations' do
-    it 'does nothing when there are no rows to add and remove' do
-      expect(user).not_to receive(:remove_project_authorizations)
-      expect(ProjectAuthorization).not_to receive(:insert_authorizations)
-      expect(user).not_to receive(:set_authorized_projects_column)
+    context 'when there are no rows to add and remove' do
+      it 'does not change authorizations' do
+        expect(user).not_to receive(:remove_project_authorizations)
+        expect(ProjectAuthorization).not_to receive(:insert_authorizations)
 
-      service.update_authorizations([], [])
+        service.update_authorizations([], [])
+      end
+
+      context 'when the authorized projects column is not set' do
+        before do
+          user.update!(authorized_projects_populated: nil)
+        end
+
+        it 'populates the authorized projects column' do
+          service.update_authorizations([], [])
+
+          expect(user.authorized_projects_populated).to eq true
+        end
+      end
+
+      context 'when the authorized projects column is set' do
+        before do
+          user.update!(authorized_projects_populated: true)
+        end
+
+        it 'does nothing' do
+          expect(user).not_to receive(:set_authorized_projects_column)
+
+          service.update_authorizations([], [])
+        end
+      end
     end
 
     it 'removes authorizations that should be removed' do
@@ -84,7 +109,7 @@ describe Users::RefreshAuthorizedProjectsService do
     it 'populates the authorized projects column' do
       # make sure we start with a nil value no matter what the default in the
       # factory may be.
-      user.update(authorized_projects_populated: nil)
+      user.update!(authorized_projects_populated: nil)
 
       service.update_authorizations([], [[user.id, project.id, Gitlab::Access::MASTER]])
 
-- 
2.30.9