Commit a2474646 authored by Jan Provaznik's avatar Jan Provaznik

Moved epic groups filtering to model

having this on service level causes rubocop fails (usage of whare,
preload outside of models). Although it's not ideal we usually do
user visibility filtering on model level.
parent 9bdc980b
...@@ -195,6 +195,15 @@ module EE ...@@ -195,6 +195,15 @@ module EE
def deepest_relationship_level def deepest_relationship_level
::Gitlab::ObjectHierarchy.new(self.where(parent_id: nil)).max_descendants_depth ::Gitlab::ObjectHierarchy.new(self.where(parent_id: nil)).max_descendants_depth
end end
def groups_user_can_read_epics(epics, user)
groups = ::Group.where(id: epics.select(:group_id))
groups = ::Gitlab::GroupPlansPreloader.new.preload(groups)
DeclarativePolicy.user_scope do
groups.select { |g| Ability.allowed?(user, :read_epic, g) }
end
end
end end
def resource_parent def resource_parent
......
...@@ -44,20 +44,9 @@ module Epics ...@@ -44,20 +44,9 @@ module Epics
def accessible_epics def accessible_epics
strong_memoize(:epics) do strong_memoize(:epics) do
epics = epic.base_and_descendants epics = epic.base_and_descendants
groups = groups_user_can_read_epics(epics) groups = Epic.groups_user_can_read_epics(epics, current_user)
epics.in_selected_groups(groups) epics.in_selected_groups(groups)
end end
end end
# rubocop: disable CodeReuse/ActiveRecord
def groups_user_can_read_epics(epics)
groups = Group.where(id: epics.select(:group_id))
groups = Gitlab::GroupPlansPreloader.new.preload(groups)
DeclarativePolicy.user_scope do
groups.select { |g| Ability.allowed?(current_user, :read_epic, g) }
end
end
# rubocop: enable CodeReuse/ActiveRecord
end end
end end
# frozen_string_literal: true
require 'spec_helper'
describe Issue do
describe '.in_epics' do
let_it_be(:epic1) { create(:epic) }
let_it_be(:epic2) { create(:epic) }
let_it_be(:epic_issue1) { create(:epic_issue, epic: epic1) }
let_it_be(:epic_issue2) { create(:epic_issue, epic: epic2) }
before do
stub_licensed_features(epics: true)
end
it 'returns only issues in selected epics' do
expect(described_class.count).to eq 2
expect(described_class.in_epics([epic1])).to eq [epic_issue1.issue]
end
end
end
...@@ -3,7 +3,8 @@ ...@@ -3,7 +3,8 @@
require 'spec_helper' require 'spec_helper'
describe Epic do describe Epic do
set(:group) { create(:group) } let_it_be(:user) { create(:user) }
let_it_be(:group) { create(:group) }
let(:project) { create(:project, group: group) } let(:project) { create(:project, group: group) }
describe 'associations' do describe 'associations' do
...@@ -100,6 +101,31 @@ describe Epic do ...@@ -100,6 +101,31 @@ describe Epic do
end end
end end
describe '.groups_user_can_read_epics' do
let_it_be(:private_group) { create(:group, :private) }
let_it_be(:epic) { create(:epic, group: private_group) }
subject do
epics = described_class.where(id: epic.id)
described_class.groups_user_can_read_epics(epics, user)
end
it 'does not return inaccessible groups' do
expect(subject).to be_empty
end
context 'with authorized user' do
before do
private_group.add_developer(user)
stub_licensed_features(epics: true)
end
it 'returns epic groups user can access' do
expect(subject).to eq [private_group]
end
end
end
describe '#valid_parent?' do describe '#valid_parent?' do
context 'basic checks' do context 'basic checks' do
let(:epic) { build(:epic, group: group) } let(:epic) { build(:epic, group: group) }
...@@ -352,7 +378,6 @@ describe Epic do ...@@ -352,7 +378,6 @@ describe Epic do
end end
describe '#issues_readable_by' do describe '#issues_readable_by' do
let(:user) { create(:user) }
let(:group) { create(:group, :private) } let(:group) { create(:group, :private) }
let(:project) { create(:project, group: group) } let(:project) { create(:project, group: group) }
let(:project2) { create(:project, group: group) } let(:project2) { create(:project, group: group) }
...@@ -400,7 +425,6 @@ describe Epic do ...@@ -400,7 +425,6 @@ describe Epic do
end end
describe '#reopen' do describe '#reopen' do
let(:user) { create(:user) }
subject(:epic) { create(:epic, state: 'closed', closed_at: Time.now, closed_by: user) } subject(:epic) { create(:epic, state: 'closed', closed_at: Time.now, closed_by: user) }
it 'sets closed_at to nil when an epic is reopend' do it 'sets closed_at to nil when an epic is reopend' do
......
...@@ -66,6 +66,22 @@ describe Issue do ...@@ -66,6 +66,22 @@ describe Issue do
expect(described_class.service_desk).not_to include(regular_issue) expect(described_class.service_desk).not_to include(regular_issue)
end end
end end
describe '.in_epics' do
let_it_be(:epic1) { create(:epic) }
let_it_be(:epic2) { create(:epic) }
let_it_be(:epic_issue1) { create(:epic_issue, epic: epic1) }
let_it_be(:epic_issue2) { create(:epic_issue, epic: epic2) }
before do
stub_licensed_features(epics: true)
end
it 'returns only issues in selected epics' do
expect(described_class.count).to eq 2
expect(described_class.in_epics([epic1])).to eq [epic_issue1.issue]
end
end
end end
describe 'validations' do describe 'validations' do
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment