user_team_manager.rb 4.52 KB
Newer Older
Andrey Kumanyaev's avatar
Andrey Kumanyaev committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
# UserTeamManager class
#
# Used for manage User teams with project repositories
module Gitlab
  class UserTeamManager
    class << self
      def assign(team, project, access)
        project = Project.find(project) unless project.is_a? Project
        searched_project = team.user_team_project_relationships.find_by_project_id(project.id)

        unless searched_project.present?
          team.user_team_project_relationships.create(project_id: project.id, greatest_access: access)
          update_team_users_access_in_project(team, project)
        end
      end

      def resign(team, project)
        project = Project.find(project) unless project.is_a? Project

        team.user_team_project_relationships.with_project(project).destroy_all

        update_team_users_access_in_project(team, project)
      end

25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50
      def update_team_user_membership(team, member, options)
        updates = {}

        if options[:default_projects_access] && options[:default_projects_access] != team.default_projects_access(member)
          updates[:permission] = options[:default_projects_access]
        end

        if options[:group_admin].to_s != team.admin?(member).to_s
          updates[:group_admin] = options[:group_admin].present?
        end

        unless updates.blank?
          user_team_relationship = team.user_team_user_relationships.find_by_user_id(member)
          if user_team_relationship.update_attributes(updates)
            if updates[:permission]
              rebuild_project_permissions_to_member(team, member)
            end
            true
          else
            false
          end
        else
          true
        end
      end

51 52 53 54 55 56 57 58 59 60 61 62 63 64
      def update_project_greates_access(team, project, permission)
        project_relation = team.user_team_project_relationships.find_by_project_id(project)
        if permission != team.max_project_access(project)
          if project_relation.update_attributes(greatest_access: permission)
            update_team_users_access_in_project(team, project)
            true
          else
            false
          end
        else
          true
        end
      end

65 66 67 68 69 70
      def rebuild_project_permissions_to_member(team, member)
        team.projects.each do |project|
          update_team_user_access_in_project(team, member, project)
        end
      end

Andrey Kumanyaev's avatar
Andrey Kumanyaev committed
71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139
      def update_team_users_access_in_project(team, project)
        members = team.members
        members.each do |member|
          update_team_user_access_in_project(team, member, project)
        end
      end

      def update_team_user_access_in_project(team, user, project)
        granted_access = max_teams_member_permission_in_project(user, project)

        project_team_user = UsersProject.find_by_user_id_and_project_id(user.id, project.id)

        if project_team_user.present?
          project_team_user.destroy
        end

        if project_team_user.blank? && granted_access > 0
          UsersProject.add_users_into_projects([project.id], [user.id], granted_access)
        end
      end

      def max_teams_member_permission_in_project(user, project, teams = nil)
        result_access = 0

        user_teams = project.user_teams.with_member(user)

        teams ||= user_teams

        if teams.any?
          teams.each do |team|
            granted_access = max_team_member_permission_in_project(team, user, project)
            result_access = [granted_access, result_access].max
          end
        end
        result_access
      end

      def max_team_member_permission_in_project(team, user, project)
        member_access = team.default_projects_access(user)
        team_access = team.user_team_project_relationships.find_by_project_id(project.id).greatest_access

        [team_access, member_access].min
      end

      def add_member_into_team(team, user, access, admin)
        user = User.find(user) unless user.is_a? User

        team.user_team_user_relationships.create(user_id: user.id, permission: access, group_admin: admin)
        team.projects.each do |project|
          update_team_user_access_in_project(team, user, project)
        end
      end

      def remove_member_from_team(team, user)
        user = User.find(user) unless user.is_a? User

        team.user_team_user_relationships.with_user(user).destroy_all
        other_teams = []
        team.projects.each do |project|
          other_teams << project.user_teams.with_member(user)
        end
        other_teams.uniq
        unless other_teams.any?
          UsersProject.in_projects(team.projects).with_user(user).destroy_all
        end
      end
    end
  end
end