debian-mirror-gitlab/app/services/members/update_service.rb

# frozen_string_literal: true

module Members
  class UpdateService < Members::BaseService
    # @param members [Member, Array<Member>]
    # returns the updated member(s)
    def execute(members, permission: :update)
      members = Array.wrap(members)

      old_access_level_expiry_map = members.to_h do |member|
        [member.id, { human_access: member.human_access, expires_at: member.expires_at }]
      end

      updated_members = update_members(members, permission)
      Member.transaction do
        updated_members.each { |member| post_update(member, permission, old_access_level_expiry_map) }
      end

      prepare_response(members)
    end

    private

    def update_members(members, permission)
      # `filter_map` avoids the `post_update` call for the member that resulted in no change
      Member.transaction do
        members.filter_map { |member| update_member(member, permission) }
      end
    rescue ActiveRecord::RecordInvalid
      []
    end

    def update_member(member, permission)
      raise Gitlab::Access::AccessDeniedError unless has_update_permissions?(member, permission)

      member.attributes = params
      return unless member.changed?

      member.tap(&:save!)
    end

    def post_update(member, permission, old_access_level_expiry_map)
      old_access_level = old_access_level_expiry_map[member.id][:human_access]
      old_expiry = old_access_level_expiry_map[member.id][:expires_at]

      after_execute(action: permission, old_access_level: old_access_level, old_expiry: old_expiry, member: member)
      enqueue_delete_todos(member) if downgrading_to_guest? # Deletes only confidential issues todos for guests
    end

    def prepare_response(members)
      errored_members = members.select { |member| member.errors.any? }
      if errored_members.present?
        error_message = errored_members.flat_map { |member| member.errors.full_messages }.uniq.to_sentence
        return error(error_message, pass_back: { members: errored_members })
      end

      success(members: members)
    end

    def has_update_permissions?(member, permission)
      can?(current_user, action_member_permission(permission, member), member) &&
        !prevent_upgrade_to_owner?(member) &&
        !prevent_downgrade_from_owner?(member)
    end

    def downgrading_to_guest?
      params[:access_level] == Gitlab::Access::GUEST
    end

    def upgrading_to_owner?
      params[:access_level] == Gitlab::Access::OWNER
    end

    def downgrading_from_owner?(member)
      member.owner?
    end

    def prevent_upgrade_to_owner?(member)
      upgrading_to_owner? && cannot_assign_owner_responsibilities_to_member_in_project?(member)
    end

    def prevent_downgrade_from_owner?(member)
      downgrading_from_owner?(member) && cannot_revoke_owner_responsibilities_from_member_in_project?(member)
    end
  end
end

Members::UpdateService.prepend_mod_with('Members::UpdateService')
New upstream version 11.2.8+dfsg 2018-11-18 11:00:15 +05:30			`# frozen_string_literal: true`

New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`module Members`
			`class UpdateService < Members::BaseService`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`# @param members [Member, Array<Member>]`
			`# returns the updated member(s)`
			`def execute(members, permission: :update)`
			`members = Array.wrap(members)`
New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`old_access_level_expiry_map = members.to_h do \|member\|`
			`[member.id, { human_access: member.human_access, expires_at: member.expires_at }]`
New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`end`

New upstream version 15.8.4+ds1 2023-03-17 16:20:25 +05:30			`updated_members = update_members(members, permission)`
			`Member.transaction do`
			`updated_members.each { \|member\| post_update(member, permission, old_access_level_expiry_map) }`
New upstream version 13.9.3+ds1 2021-03-11 19:13:27 +05:30			`end`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30
			`prepare_response(members)`
New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`end`
New upstream version 11.5.6+dfsg 2019-01-03 12:48:30 +05:30
			`private`

New upstream version 15.8.4+ds1 2023-03-17 16:20:25 +05:30			`def update_members(members, permission)`
			# `filter_map` avoids the `post_update` call for the member that resulted in no change
			`Member.transaction do`
			`members.filter_map { \|member\| update_member(member, permission) }`
			`end`
			`rescue ActiveRecord::RecordInvalid`
			`[]`
			`end`

			`def update_member(member, permission)`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`raise Gitlab::Access::AccessDeniedError unless has_update_permissions?(member, permission)`

			`member.attributes = params`
New upstream version 15.8.4+ds1 2023-03-17 16:20:25 +05:30			`return unless member.changed?`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30
New upstream version 15.8.4+ds1 2023-03-17 16:20:25 +05:30			`member.tap(&:save!)`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`end`

			`def post_update(member, permission, old_access_level_expiry_map)`
			`old_access_level = old_access_level_expiry_map[member.id][:human_access]`
			`old_expiry = old_access_level_expiry_map[member.id][:expires_at]`

			`after_execute(action: permission, old_access_level: old_access_level, old_expiry: old_expiry, member: member)`
			`enqueue_delete_todos(member) if downgrading_to_guest? # Deletes only confidential issues todos for guests`
			`end`

			`def prepare_response(members)`
New upstream version 15.8.4+ds1 2023-03-17 16:20:25 +05:30			`errored_members = members.select { \|member\| member.errors.any? }`
			`if errored_members.present?`
			`error_message = errored_members.flat_map { \|member\| member.errors.full_messages }.uniq.to_sentence`
			`return error(error_message, pass_back: { members: errored_members })`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`end`

New upstream version 15.8.4+ds1 2023-03-17 16:20:25 +05:30			`success(members: members)`
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`end`
New upstream version 15.4.2+ds1 2022-10-11 01:57:18 +05:30
New upstream version 15.6.4+ds1 2023-01-13 00:05:48 +05:30			`def has_update_permissions?(member, permission)`
			`can?(current_user, action_member_permission(permission, member), member) &&`
			`!prevent_upgrade_to_owner?(member) &&`
			`!prevent_downgrade_from_owner?(member)`
New upstream version 15.4.2+ds1 2022-10-11 01:57:18 +05:30			`end`

New upstream version 11.5.6+dfsg 2019-01-03 12:48:30 +05:30			`def downgrading_to_guest?`
			`params[:access_level] == Gitlab::Access::GUEST`
			`end`
New upstream version 15.1.3+ds1 2022-07-23 23:45:48 +05:30
			`def upgrading_to_owner?`
			`params[:access_level] == Gitlab::Access::OWNER`
			`end`

			`def downgrading_from_owner?(member)`
			`member.owner?`
			`end`

			`def prevent_upgrade_to_owner?(member)`
			`upgrading_to_owner? && cannot_assign_owner_responsibilities_to_member_in_project?(member)`
			`end`

			`def prevent_downgrade_from_owner?(member)`
			`downgrading_from_owner?(member) && cannot_revoke_owner_responsibilities_from_member_in_project?(member)`
			`end`
New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`end`
			`end`
New upstream version 12.3.8 2019-12-04 20:38:33 +05:30
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`Members::UpdateService.prepend_mod_with('Members::UpdateService')`