debian-mirror-gitlab/app/controllers/groups/group_members_controller.rb

# frozen_string_literal: true

class Groups::GroupMembersController < Groups::ApplicationController
  include MembershipActions
  include MembersPresentation
  include SortingHelper
  include Gitlab::Utils::StrongMemoize

  MEMBER_PER_PAGE_LIMIT = 50

  def self.admin_not_required_endpoints
    %i[index leave request_access]
  end

  # Authorize
  before_action :authorize_admin_group_member!, except: admin_not_required_endpoints

  skip_before_action :check_two_factor_requirement, only: :leave
  skip_cross_project_access_check :index, :create, :update, :destroy, :request_access,
                                  :approve_access_request, :leave, :resend_invite,
                                  :override

  feature_category :authentication_and_authorization

  helper_method :can_manage_members?

  def index
    preload_max_access
    @sort = params[:sort].presence || sort_value_name

    @members = GroupMembersFinder
      .new(@group, current_user, params: filter_params)
      .execute(include_relations: requested_relations)

    if can_manage_members?
      @skip_groups = @group.related_group_ids

      @invited_members = @members.invite
      @invited_members = @invited_members.search_invite_email(params[:search_invited]) if params[:search_invited].present?
      @invited_members = present_invited_members(@invited_members)
    end

    @members = present_group_members(@members.non_invite)

    @requesters = present_members(
      AccessRequestsFinder.new(@group).execute(current_user)
    )

    @group_member = @group.group_members.new
  end

  # MembershipActions concern
  alias_method :membershipable, :group

  private

  def preload_max_access
    return unless current_user

    # this allows the can? against admin type queries in this action to
    # only perform the query once, even if it is cached
    current_user.max_access_for_group[@group.id] = @group.max_member_access(current_user)
  end

  def can_manage_members?
    strong_memoize(:can_manage_members) do
      can?(current_user, :admin_group_member, @group)
    end
  end

  def present_invited_members(invited_members)
    present_members(invited_members
      .page(params[:invited_members_page])
      .per(MEMBER_PER_PAGE_LIMIT))
  end

  def present_group_members(members)
    present_members(members
      .page(params[:page])
      .per(MEMBER_PER_PAGE_LIMIT))
  end

  def filter_params
    params.permit(:two_factor, :search).merge(sort: @sort)
  end

  def membershipable_members
    group.members
  end
end

Groups::GroupMembersController.prepend_mod_with('Groups::GroupMembersController')
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# frozen_string_literal: true`

Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`class Groups::GroupMembersController < Groups::ApplicationController`
Imported Upstream version 8.9.0+debian~rc4 2016-06-16 23:09:34 +05:30			`include MembershipActions`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`include MembersPresentation`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`include SortingHelper`
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`include Gitlab::Utils::StrongMemoize`
Imported Upstream version 8.9.0+debian~rc4 2016-06-16 23:09:34 +05:30
New upstream version 12.2.8 2019-10-12 21:52:04 +05:30			`MEMBER_PER_PAGE_LIMIT = 50`

New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30			`def self.admin_not_required_endpoints`
			`%i[index leave request_access]`
			`end`

Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`# Authorize`
New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30			`before_action :authorize_admin_group_member!, except: admin_not_required_endpoints`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`skip_before_action :check_two_factor_requirement, only: :leave`
New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`skip_cross_project_access_check :index, :create, :update, :destroy, :request_access,`
			`:approve_access_request, :leave, :resend_invite,`
			`:override`

New upstream version 13.5.5 2021-01-03 14:25:43 +05:30			`feature_category :authentication_and_authorization`

New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`helper_method :can_manage_members?`

Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`def index`
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`preload_max_access`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`@sort = params[:sort].presence \|\| sort_value_name`
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30
			`@members = GroupMembersFinder`
			`.new(@group, current_user, params: filter_params)`
			`.execute(include_relations: requested_relations)`
New upstream version 12.2.8 2019-10-12 21:52:04 +05:30
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`if can_manage_members?`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`@skip_groups = @group.related_group_ids`
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30
			`@invited_members = @members.invite`
			`@invited_members = @invited_members.search_invite_email(params[:search_invited]) if params[:search_invited].present?`
			`@invited_members = present_invited_members(@invited_members)`
New upstream version 12.2.8 2019-10-12 21:52:04 +05:30			`end`

New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`@members = present_group_members(@members.non_invite)`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`@requesters = present_members(`
New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`AccessRequestsFinder.new(@group).execute(current_user)`
			`)`
Imported Upstream version 8.2.1 2015-11-26 14:37:03 +05:30
			`@group_member = @group.group_members.new`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`end`

Imported Upstream version 8.9.0+debian~rc4 2016-06-16 23:09:34 +05:30			`# MembershipActions concern`
			`alias_method :membershipable, :group`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30
			`private`

New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`def preload_max_access`
			`return unless current_user`

			`# this allows the can? against admin type queries in this action to`
			`# only perform the query once, even if it is cached`
			`current_user.max_access_for_group[@group.id] = @group.max_member_access(current_user)`
			`end`

			`def can_manage_members?`
			`strong_memoize(:can_manage_members) do`
			`can?(current_user, :admin_group_member, @group)`
			`end`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`end`

New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`def present_invited_members(invited_members)`
			`present_members(invited_members`
			`.page(params[:invited_members_page])`
			`.per(MEMBER_PER_PAGE_LIMIT))`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`end`

New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`def present_group_members(members)`
			`present_members(members`
			`.page(params[:page])`
			`.per(MEMBER_PER_PAGE_LIMIT))`
New upstream version 12.8.6 2020-03-13 15:44:24 +05:30			`end`

New upstream version 13.0.0 2020-05-24 23:13:21 +05:30			`def filter_params`
			`params.permit(:two_factor, :search).merge(sort: @sort)`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`end`
New upstream version 13.5.5 2021-01-03 14:25:43 +05:30
			`def membershipable_members`
			`group.members`
			`end`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`end`
New upstream version 12.3.8 2019-12-04 20:38:33 +05:30
New upstream version 13.12.3+ds1 2021-06-08 01:23:25 +05:30			`Groups::GroupMembersController.prepend_mod_with('Groups::GroupMembersController')`