2018-11-18 11:00:15 +05:30
# frozen_string_literal: true
2016-06-02 11:05:42 +05:30
module Groups
class UpdateService < Groups :: BaseService
2018-03-17 18:26:18 +05:30
include UpdateVisibilityLevel
2021-01-03 14:25:43 +05:30
SETTINGS_PARAMS = [ :allow_mfa_for_subgroups ] . freeze
2016-06-02 11:05:42 +05:30
def execute
2017-08-17 22:00:37 +05:30
reject_parent_id!
2019-07-07 11:18:12 +05:30
remove_unallowed_params
2017-08-17 22:00:37 +05:30
2019-12-21 20:55:43 +05:30
if renaming_group_with_container_registry_images?
group . errors . add ( :base , container_images_error )
return false
end
2018-03-17 18:26:18 +05:30
return false unless valid_visibility_level_change? ( group , params [ :visibility_level ] )
2016-06-02 11:05:42 +05:30
2018-03-17 18:26:18 +05:30
return false unless valid_share_with_group_lock_change?
2016-06-02 11:05:42 +05:30
2020-10-24 23:57:45 +05:30
return false unless valid_path_change_with_npm_packages?
2021-01-03 14:25:43 +05:30
return false unless update_shared_runners
handle_changes
2019-03-02 22:35:43 +05:30
before_assignment_hook ( group , params )
2021-01-03 14:25:43 +05:30
handle_namespace_settings
2016-06-02 11:05:42 +05:30
group . assign_attributes ( params )
2017-08-17 22:00:37 +05:30
begin
2018-12-13 13:39:08 +05:30
success = group . save
2018-11-18 11:00:15 +05:30
2018-12-13 13:39:08 +05:30
after_update if success
success
2017-08-17 22:00:37 +05:30
rescue Gitlab :: UpdatePathError = > e
group . errors . add ( :base , e . message )
false
end
end
private
2020-10-24 23:57:45 +05:30
def valid_path_change_with_npm_packages?
return true unless group . packages_feature_enabled?
return true if params [ :path ] . blank?
return true if ! group . has_parent? && group . path == params [ :path ]
npm_packages = :: Packages :: GroupPackagesFinder . new ( current_user , group , package_type : :npm ) . execute
if npm_packages . exists?
group . errors . add ( :path , s_ ( 'GroupSettings|cannot change when group contains projects with NPM packages' ) )
return
end
true
end
2019-03-02 22:35:43 +05:30
def before_assignment_hook ( group , params )
2019-07-07 11:18:12 +05:30
# overridden in EE
2019-03-02 22:35:43 +05:30
end
2019-12-21 20:55:43 +05:30
def renaming_group_with_container_registry_images?
new_path = params [ :path ]
2019-12-26 22:10:19 +05:30
new_path &&
new_path != group . path &&
group . has_container_repository_including_subgroups?
2019-12-21 20:55:43 +05:30
end
def container_images_error
s_ ( " GroupSettings|Cannot update the path because there are projects under this group that contain Docker images in their Container Registry. Please remove the images from your projects first and try again. " )
end
2018-11-18 11:00:15 +05:30
def after_update
if group . previous_changes . include? ( :visibility_level ) && group . private?
# don't enqueue immediately to prevent todos removal in case of a mistake
2019-01-03 12:48:30 +05:30
TodosDestroyer :: GroupPrivateWorker . perform_in ( Todo :: WAIT_FOR_DELETE , group . id )
2018-11-18 11:00:15 +05:30
end
2021-01-03 14:25:43 +05:30
update_two_factor_requirement_for_subgroups
end
def update_two_factor_requirement_for_subgroups
settings = group . namespace_settings
return if settings . allow_mfa_for_subgroups
if settings . previous_changes . include? ( :allow_mfa_for_subgroups )
# enque in batches members update
DisallowTwoFactorForSubgroupsWorker . perform_async ( group . id )
end
2018-11-18 11:00:15 +05:30
end
2017-08-17 22:00:37 +05:30
def reject_parent_id!
2019-02-15 15:39:39 +05:30
params . delete ( :parent_id )
2016-06-02 11:05:42 +05:30
end
2018-03-17 18:26:18 +05:30
2019-10-12 21:52:04 +05:30
# overridden in EE
def remove_unallowed_params
params . delete ( :emails_disabled ) unless can? ( current_user , :set_emails_disabled , group )
2020-05-24 23:13:21 +05:30
params . delete ( :default_branch_protection ) unless can? ( current_user , :update_default_branch_protection , group )
2019-10-12 21:52:04 +05:30
end
2021-01-03 14:25:43 +05:30
def handle_changes
handle_settings_update
end
def handle_settings_update
settings_params = params . slice ( * allowed_settings_params )
allowed_settings_params . each { | param | params . delete ( param ) }
:: NamespaceSettings :: UpdateService . new ( current_user , group , settings_params ) . execute
end
def allowed_settings_params
SETTINGS_PARAMS
end
2018-03-17 18:26:18 +05:30
def valid_share_with_group_lock_change?
return true unless changing_share_with_group_lock?
return true if can? ( current_user , :change_share_with_group_lock , group )
group . errors . add ( :share_with_group_lock , s_ ( 'GroupSettings|cannot be disabled when the parent group "Share with group lock" is enabled, except by the owner of the parent group' ) )
false
end
def changing_share_with_group_lock?
return false if params [ :share_with_group_lock ] . nil?
params [ :share_with_group_lock ] != group . share_with_group_lock
end
2021-01-03 14:25:43 +05:30
def update_shared_runners
return true if params [ :shared_runners_setting ] . nil?
result = Groups :: UpdateSharedRunnersService . new ( group , current_user , shared_runners_setting : params . delete ( :shared_runners_setting ) ) . execute
return true if result [ :status ] == :success
group . errors . add ( :update_shared_runners , result [ :message ] )
false
end
2016-06-02 11:05:42 +05:30
end
end
2019-12-04 20:38:33 +05:30
Groups :: UpdateService . prepend_if_ee ( 'EE::Groups::UpdateService' )