debian-mirror-gitlab/app/finders/groups_finder.rb

# frozen_string_literal: true

# GroupsFinder
#
# Used to filter Groups by a set of params
#
# Arguments:
#   current_user - which user is requesting groups
#   params:
#     owned: boolean
#     parent: Group
#     all_available: boolean (defaults to true)
#     min_access_level: integer
#     exclude_group_ids: array of integers
#
# Users with full private access can see all groups. The `owned` and `parent`
# params can be used to restrict the groups that are returned.
#
# Anonymous users will never return any `owned` groups. They will return all
# public groups instead, even if `all_available` is set to false.
class GroupsFinder < UnionFinder
  include CustomAttributesFilter

  def initialize(current_user = nil, params = {})
    @current_user = current_user
    @params = params
  end

  def execute
    items = all_groups.map do |item|
      item = by_parent(item)
      item = by_custom_attributes(item)
      item = exclude_group_ids(item)

      item
    end

    find_union(items, Group).with_route.order_id_desc
  end

  private

  attr_reader :current_user, :params

  def all_groups
    return [owned_groups] if params[:owned]
    return [groups_with_min_access_level] if min_access_level?
    return [Group.all] if current_user&.can_read_all_resources? && all_available?

    groups = []
    groups << Gitlab::ObjectHierarchy.new(groups_for_ancestors, groups_for_descendants).all_objects if current_user
    groups << Group.unscoped.public_to_user(current_user) if include_public_groups?
    groups << Group.none if groups.empty?
    groups
  end

  def groups_for_ancestors
    current_user.authorized_groups
  end

  def groups_for_descendants
    current_user.groups
  end

  # rubocop: disable CodeReuse/ActiveRecord
  def groups_with_min_access_level
    groups = current_user
      .groups
      .where('members.access_level >= ?', params[:min_access_level])

    Gitlab::ObjectHierarchy
      .new(groups)
      .base_and_descendants
  end
  # rubocop: enable CodeReuse/ActiveRecord

  def exclude_group_ids(groups)
    return groups unless params[:exclude_group_ids]

    groups.id_not_in(params[:exclude_group_ids])
  end

  # rubocop: disable CodeReuse/ActiveRecord
  def by_parent(groups)
    return groups unless params[:parent]

    groups.where(parent: params[:parent])
  end
  # rubocop: enable CodeReuse/ActiveRecord

  def owned_groups
    current_user&.owned_groups || Group.none
  end

  def include_public_groups?
    current_user.nil? || all_available?
  end

  def all_available?
    params.fetch(:all_available, true)
  end

  def min_access_level?
    current_user && params[:min_access_level].present?
  end
end
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# frozen_string_literal: true`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`# GroupsFinder`
			`#`
			`# Used to filter Groups by a set of params`
			`#`
			`# Arguments:`
			`# current_user - which user is requesting groups`
			`# params:`
			`# owned: boolean`
			`# parent: Group`
			`# all_available: boolean (defaults to true)`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`# min_access_level: integer`
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`# exclude_group_ids: array of integers`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`#`
			# Users with full private access can see all groups. The `owned` and `parent`
			`# params can be used to restrict the groups that are returned.`
			`#`
			# Anonymous users will never return any `owned` groups. They will return all
			# public groups instead, even if `all_available` is set to false.
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`class GroupsFinder < UnionFinder`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`include CustomAttributesFilter`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`def initialize(current_user = nil, params = {})`
			`@current_user = current_user`
			`@params = params`
			`end`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`def execute`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`items = all_groups.map do \|item\|`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`item = by_parent(item)`
			`item = by_custom_attributes(item)`
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`item = exclude_group_ids(item)`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
			`item`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`end`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`find_union(items, Group).with_route.order_id_desc`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`end`

			`private`

New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`attr_reader :current_user, :params`

			`def all_groups`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`return [owned_groups] if params[:owned]`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`return [groups_with_min_access_level] if min_access_level?`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`return [Group.all] if current_user&.can_read_all_resources? && all_available?`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`groups = []`
New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`groups << Gitlab::ObjectHierarchy.new(groups_for_ancestors, groups_for_descendants).all_objects if current_user`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`groups << Group.unscoped.public_to_user(current_user) if include_public_groups?`
			`groups << Group.none if groups.empty?`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`groups`
			`end`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`def groups_for_ancestors`
			`current_user.authorized_groups`
			`end`

			`def groups_for_descendants`
			`current_user.groups`
			`end`

New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: disable CodeReuse/ActiveRecord`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`def groups_with_min_access_level`
			`groups = current_user`
			`.groups`
			`.where('members.access_level >= ?', params[:min_access_level])`

New upstream version 11.7.5 2019-02-15 15:39:39 +05:30			`Gitlab::ObjectHierarchy`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`.new(groups)`
			`.base_and_descendants`
			`end`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: enable CodeReuse/ActiveRecord`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`def exclude_group_ids(groups)`
			`return groups unless params[:exclude_group_ids]`

			`groups.id_not_in(params[:exclude_group_ids])`
			`end`

New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: disable CodeReuse/ActiveRecord`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`def by_parent(groups)`
			`return groups unless params[:parent]`

			`groups.where(parent: params[:parent])`
			`end`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: enable CodeReuse/ActiveRecord`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30
			`def owned_groups`
			`current_user&.owned_groups \|\| Group.none`
			`end`

			`def include_public_groups?`
New upstream version 10.8.7+dfsg 2018-10-15 14:42:47 +05:30			`current_user.nil? \|\| all_available?`
			`end`

			`def all_available?`
			`params.fetch(:all_available, true)`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`end`
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30
			`def min_access_level?`
			`current_user && params[:min_access_level].present?`
			`end`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`end`