debian-mirror-gitlab/app/services/groups/update_service.rb

163 lines
4.7 KiB
Ruby
Raw Normal View History

2018-11-18 11:00:15 +05:30
# frozen_string_literal: true
2016-06-02 11:05:42 +05:30
module Groups
class UpdateService < Groups::BaseService
2018-03-17 18:26:18 +05:30
include UpdateVisibilityLevel
2021-01-03 14:25:43 +05:30
SETTINGS_PARAMS = [:allow_mfa_for_subgroups].freeze
2016-06-02 11:05:42 +05:30
def execute
2017-08-17 22:00:37 +05:30
reject_parent_id!
2019-07-07 11:18:12 +05:30
remove_unallowed_params
2017-08-17 22:00:37 +05:30
2019-12-21 20:55:43 +05:30
if renaming_group_with_container_registry_images?
group.errors.add(:base, container_images_error)
return false
end
2018-03-17 18:26:18 +05:30
return false unless valid_visibility_level_change?(group, params[:visibility_level])
2016-06-02 11:05:42 +05:30
2018-03-17 18:26:18 +05:30
return false unless valid_share_with_group_lock_change?
2016-06-02 11:05:42 +05:30
2020-10-24 23:57:45 +05:30
return false unless valid_path_change_with_npm_packages?
2021-01-03 14:25:43 +05:30
return false unless update_shared_runners
handle_changes
2019-03-02 22:35:43 +05:30
before_assignment_hook(group, params)
2021-01-03 14:25:43 +05:30
handle_namespace_settings
2016-06-02 11:05:42 +05:30
group.assign_attributes(params)
2017-08-17 22:00:37 +05:30
begin
2018-12-13 13:39:08 +05:30
success = group.save
2018-11-18 11:00:15 +05:30
2018-12-13 13:39:08 +05:30
after_update if success
success
2017-08-17 22:00:37 +05:30
rescue Gitlab::UpdatePathError => e
group.errors.add(:base, e.message)
false
end
end
private
2021-01-03 14:25:43 +05:30
def handle_namespace_settings
settings_params = params.slice(*::NamespaceSetting::NAMESPACE_SETTINGS_PARAMS)
return if settings_params.empty?
::NamespaceSetting::NAMESPACE_SETTINGS_PARAMS.each do |nsp|
params.delete(nsp)
end
::NamespaceSettings::UpdateService.new(current_user, group, settings_params).execute
end
2020-10-24 23:57:45 +05:30
def valid_path_change_with_npm_packages?
return true unless group.packages_feature_enabled?
return true if params[:path].blank?
return true if !group.has_parent? && group.path == params[:path]
npm_packages = ::Packages::GroupPackagesFinder.new(current_user, group, package_type: :npm).execute
if npm_packages.exists?
group.errors.add(:path, s_('GroupSettings|cannot change when group contains projects with NPM packages'))
return
end
true
end
2019-03-02 22:35:43 +05:30
def before_assignment_hook(group, params)
2019-07-07 11:18:12 +05:30
# overridden in EE
2019-03-02 22:35:43 +05:30
end
2019-12-21 20:55:43 +05:30
def renaming_group_with_container_registry_images?
new_path = params[:path]
2019-12-26 22:10:19 +05:30
new_path &&
new_path != group.path &&
group.has_container_repository_including_subgroups?
2019-12-21 20:55:43 +05:30
end
def container_images_error
s_("GroupSettings|Cannot update the path because there are projects under this group that contain Docker images in their Container Registry. Please remove the images from your projects first and try again.")
end
2018-11-18 11:00:15 +05:30
def after_update
if group.previous_changes.include?(:visibility_level) && group.private?
# don't enqueue immediately to prevent todos removal in case of a mistake
2019-01-03 12:48:30 +05:30
TodosDestroyer::GroupPrivateWorker.perform_in(Todo::WAIT_FOR_DELETE, group.id)
2018-11-18 11:00:15 +05:30
end
2021-01-03 14:25:43 +05:30
update_two_factor_requirement_for_subgroups
end
def update_two_factor_requirement_for_subgroups
settings = group.namespace_settings
return if settings.allow_mfa_for_subgroups
if settings.previous_changes.include?(:allow_mfa_for_subgroups)
# enque in batches members update
DisallowTwoFactorForSubgroupsWorker.perform_async(group.id)
end
2018-11-18 11:00:15 +05:30
end
2017-08-17 22:00:37 +05:30
def reject_parent_id!
2019-02-15 15:39:39 +05:30
params.delete(:parent_id)
2016-06-02 11:05:42 +05:30
end
2018-03-17 18:26:18 +05:30
2019-10-12 21:52:04 +05:30
# overridden in EE
def remove_unallowed_params
params.delete(:emails_disabled) unless can?(current_user, :set_emails_disabled, group)
2020-05-24 23:13:21 +05:30
params.delete(:default_branch_protection) unless can?(current_user, :update_default_branch_protection, group)
2019-10-12 21:52:04 +05:30
end
2021-01-03 14:25:43 +05:30
def handle_changes
handle_settings_update
end
def handle_settings_update
settings_params = params.slice(*allowed_settings_params)
allowed_settings_params.each { |param| params.delete(param) }
::NamespaceSettings::UpdateService.new(current_user, group, settings_params).execute
end
def allowed_settings_params
SETTINGS_PARAMS
end
2018-03-17 18:26:18 +05:30
def valid_share_with_group_lock_change?
return true unless changing_share_with_group_lock?
return true if can?(current_user, :change_share_with_group_lock, group)
group.errors.add(:share_with_group_lock, s_('GroupSettings|cannot be disabled when the parent group "Share with group lock" is enabled, except by the owner of the parent group'))
false
end
def changing_share_with_group_lock?
return false if params[:share_with_group_lock].nil?
params[:share_with_group_lock] != group.share_with_group_lock
end
2021-01-03 14:25:43 +05:30
def update_shared_runners
return true if params[:shared_runners_setting].nil?
result = Groups::UpdateSharedRunnersService.new(group, current_user, shared_runners_setting: params.delete(:shared_runners_setting)).execute
return true if result[:status] == :success
group.errors.add(:update_shared_runners, result[:message])
false
end
2016-06-02 11:05:42 +05:30
end
end
2019-12-04 20:38:33 +05:30
Groups::UpdateService.prepend_if_ee('EE::Groups::UpdateService')