debian-mirror-gitlab/app/finders/snippets_finder.rb

149 lines
4.3 KiB
Ruby
Raw Normal View History

2018-12-05 23:21:45 +05:30
# frozen_string_literal: true
2018-03-17 18:26:18 +05:30
# Snippets Finder
#
# Used to filter Snippets collections by a set of params
#
# Arguments.
#
# current_user - The current user, nil also can be used.
# params:
# visibility (integer) - Individual snippet visibility: Public(20), internal(10) or private(0).
# project (Project) - Project related.
# author (User) - Author related.
#
# params are optional
2017-08-17 22:00:37 +05:30
class SnippetsFinder < UnionFinder
2018-03-17 18:26:18 +05:30
include Gitlab::Allowable
2018-03-27 19:54:05 +05:30
include FinderMethods
attr_accessor :current_user, :project, :params
2017-08-17 22:00:37 +05:30
def initialize(current_user, params = {})
@current_user = current_user
@params = params
2018-03-17 18:26:18 +05:30
@project = params[:project]
2017-08-17 22:00:37 +05:30
end
def execute
items = init_collection
items = by_author(items)
items = by_visibility(items)
items.fresh
2015-04-26 12:48:37 +05:30
end
private
2017-08-17 22:00:37 +05:30
def init_collection
2018-03-17 18:26:18 +05:30
if project.present?
authorized_snippets_from_project
else
authorized_snippets
end
end
2018-12-05 23:21:45 +05:30
# rubocop: disable CodeReuse/ActiveRecord
2018-03-17 18:26:18 +05:30
def authorized_snippets_from_project
if can?(current_user, :read_project_snippet, project)
if project.team.member?(current_user)
project.snippets
else
project.snippets.public_to_user(current_user)
end
else
Snippet.none
end
end
2018-12-05 23:21:45 +05:30
# rubocop: enable CodeReuse/ActiveRecord
2017-08-17 22:00:37 +05:30
2018-12-05 23:21:45 +05:30
# rubocop: disable CodeReuse/ActiveRecord
2018-03-17 18:26:18 +05:30
def authorized_snippets
2018-11-08 19:23:39 +05:30
# This query was intentionally converted to a raw one to get it work in Rails 5.0.
# In Rails 5.0 and 5.1 there's a bug: https://github.com/rails/arel/issues/531
# Please convert it back when on rails 5.2 as it works again as expected since 5.2.
Snippet.where("#{feature_available_projects} OR #{not_project_related}")
2018-03-27 19:54:05 +05:30
.public_or_visible_to_user(current_user)
2015-04-26 12:48:37 +05:30
end
2018-12-05 23:21:45 +05:30
# rubocop: enable CodeReuse/ActiveRecord
2015-04-26 12:48:37 +05:30
2018-03-17 18:26:18 +05:30
# Returns a collection of projects that is either public or visible to the
# logged in user.
#
# A caller must pass in a block to modify individual parts of
# the query, e.g. to apply .with_feature_available_for_user on top of it.
# This is useful for performance as we can stick those additional filters
# at the bottom of e.g. the UNION.
2018-12-05 23:21:45 +05:30
# rubocop: disable CodeReuse/ActiveRecord
2018-03-17 18:26:18 +05:30
def projects_for_user
return yield(Project.public_to_user) unless current_user
# If the current_user is allowed to see all projects,
# we can shortcut and just return.
return yield(Project.all) if current_user.full_private_access?
authorized_projects = yield(Project.where('EXISTS (?)', current_user.authorizations_for_projects))
levels = Gitlab::VisibilityLevel.levels_for_user(current_user)
visible_projects = yield(Project.where(visibility_level: levels))
2015-04-26 12:48:37 +05:30
2018-03-17 18:26:18 +05:30
# We use a UNION here instead of OR clauses since this results in better
# performance.
2018-12-05 23:21:45 +05:30
Project.from_union([authorized_projects, visible_projects])
2017-08-17 22:00:37 +05:30
end
2018-12-05 23:21:45 +05:30
# rubocop: enable CodeReuse/ActiveRecord
2015-04-26 12:48:37 +05:30
2018-03-17 18:26:18 +05:30
def feature_available_projects
2018-03-27 19:54:05 +05:30
# Don't return any project related snippets if the user cannot read cross project
2018-11-08 19:23:39 +05:30
return table[:id].eq(nil).to_sql unless Ability.allowed?(current_user, :read_cross_project)
2018-03-27 19:54:05 +05:30
2018-03-17 18:26:18 +05:30
projects = projects_for_user do |part|
part.with_feature_available_for_user(:snippets, current_user)
end.select(:id)
2018-11-08 19:23:39 +05:30
# This query was intentionally converted to a raw one to get it work in Rails 5.0.
# In Rails 5.0 and 5.1 there's a bug: https://github.com/rails/arel/issues/531
# Please convert it back when on rails 5.2 as it works again as expected since 5.2.
"snippets.project_id IN (#{projects.to_sql})"
2018-03-17 18:26:18 +05:30
end
def not_project_related
2018-11-08 19:23:39 +05:30
table[:project_id].eq(nil).to_sql
2018-03-17 18:26:18 +05:30
end
def table
Snippet.arel_table
2017-08-17 22:00:37 +05:30
end
2018-12-05 23:21:45 +05:30
# rubocop: disable CodeReuse/ActiveRecord
2017-08-17 22:00:37 +05:30
def by_visibility(items)
visibility = params[:visibility] || visibility_from_scope
return items unless visibility
items.where(visibility_level: visibility)
2015-04-26 12:48:37 +05:30
end
2018-12-05 23:21:45 +05:30
# rubocop: enable CodeReuse/ActiveRecord
2015-04-26 12:48:37 +05:30
2018-12-05 23:21:45 +05:30
# rubocop: disable CodeReuse/ActiveRecord
2017-08-17 22:00:37 +05:30
def by_author(items)
return items unless params[:author]
items.where(author_id: params[:author].id)
end
2018-12-05 23:21:45 +05:30
# rubocop: enable CodeReuse/ActiveRecord
2017-08-17 22:00:37 +05:30
def visibility_from_scope
case params[:scope].to_s
when 'are_private'
Snippet::PRIVATE
when 'are_internal'
Snippet::INTERNAL
when 'are_public'
Snippet::PUBLIC
2015-04-26 12:48:37 +05:30
else
2017-08-17 22:00:37 +05:30
nil
2015-04-26 12:48:37 +05:30
end
end
end