debian-mirror-gitlab/app/models/group.rb

286 lines
7.8 KiB
Ruby
Raw Normal View History

2014-09-02 18:07:02 +05:30
require 'carrierwave/orm/activerecord'
class Group < Namespace
2015-09-11 14:41:01 +05:30
include Gitlab::ConfigHelper
include AccessRequestable
2017-09-10 17:25:29 +05:30
include Avatarable
2015-09-11 14:41:01 +05:30
include Referable
2017-08-17 22:00:37 +05:30
include SelectForProjectAuthorization
2016-04-02 18:10:28 +05:30
2017-09-10 17:25:29 +05:30
has_many :group_members, -> { where(requested_at: nil) }, dependent: :destroy, as: :source # rubocop:disable Cop/ActiveRecordDependent
2015-11-26 14:37:03 +05:30
alias_method :members, :group_members
2016-08-24 12:49:21 +05:30
has_many :users, through: :group_members
2016-06-22 15:30:34 +05:30
has_many :owners,
-> { where(members: { access_level: Gitlab::Access::OWNER }) },
through: :group_members,
source: :user
2017-09-10 17:25:29 +05:30
has_many :requesters, -> { where.not(requested_at: nil) }, dependent: :destroy, as: :source, class_name: 'GroupMember' # rubocop:disable Cop/ActiveRecordDependent
2016-08-24 12:49:21 +05:30
2017-09-10 17:25:29 +05:30
has_many :milestones
has_many :project_group_links, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
2016-06-02 11:05:42 +05:30
has_many :shared_projects, through: :project_group_links, source: :project
2017-09-10 17:25:29 +05:30
has_many :notification_settings, dependent: :destroy, as: :source # rubocop:disable Cop/ActiveRecordDependent
2016-11-03 12:29:30 +05:30
has_many :labels, class_name: 'GroupLabel'
2017-09-10 17:25:29 +05:30
has_many :variables, class_name: 'Ci::GroupVariable'
2014-09-02 18:07:02 +05:30
2015-09-11 14:41:01 +05:30
validate :avatar_type, if: ->(user) { user.avatar.present? && user.avatar_changed? }
2016-06-02 11:05:42 +05:30
validate :visibility_level_allowed_by_projects
2015-04-26 12:48:37 +05:30
validates :avatar, file_size: { maximum: 200.kilobytes.to_i }
2014-09-02 18:07:02 +05:30
2017-08-17 22:00:37 +05:30
validates :two_factor_grace_period, presence: true, numericality: { greater_than_or_equal_to: 0 }
2015-04-26 12:48:37 +05:30
mount_uploader :avatar, AvatarUploader
2017-09-10 17:25:29 +05:30
has_many :uploads, as: :model, dependent: :destroy # rubocop:disable Cop/ActiveRecordDependent
2015-04-26 12:48:37 +05:30
after_create :post_create_hook
after_destroy :post_destroy_hook
2017-08-17 22:00:37 +05:30
after_save :update_two_factor_requirement
2015-04-26 12:48:37 +05:30
class << self
2017-09-10 17:25:29 +05:30
def supports_nested_groups?
Gitlab::Database.postgresql?
end
2016-06-02 11:05:42 +05:30
# Searches for groups matching the given query.
#
# This method uses ILIKE on PostgreSQL and LIKE on MySQL.
#
# query - The search query as a String
#
# Returns an ActiveRecord::Relation.
2015-04-26 12:48:37 +05:30
def search(query)
2016-06-02 11:05:42 +05:30
table = Namespace.arel_table
pattern = "%#{query}%"
where(table[:name].matches(pattern).or(table[:path].matches(pattern)))
2015-04-26 12:48:37 +05:30
end
def sort(method)
2017-08-17 22:00:37 +05:30
if method == 'storage_size_desc'
# storage_size is a virtual column so we need to
# pass a string to avoid AR adding the table name
reorder('storage_size DESC, namespaces.id DESC')
else
order_by(method)
end
2015-04-26 12:48:37 +05:30
end
2015-09-11 14:41:01 +05:30
def reference_prefix
User.reference_prefix
end
def reference_pattern
User.reference_pattern
end
2015-11-26 14:37:03 +05:30
def visible_to_user(user)
where(id: user.authorized_groups.select(:id).reorder(nil))
end
2017-08-17 22:00:37 +05:30
def select_for_project_authorization
if current_scope.joins_values.include?(:shared_projects)
joins('INNER JOIN namespaces project_namespace ON project_namespace.id = projects.namespace_id')
.where('project_namespace.share_with_group_lock = ?', false)
2017-09-10 17:25:29 +05:30
.select("projects.id AS project_id, LEAST(project_group_links.group_access, members.access_level) AS access_level")
2017-08-17 22:00:37 +05:30
else
super
end
end
2015-09-11 14:41:01 +05:30
end
2017-08-17 22:00:37 +05:30
def to_reference(_from_project = nil, full: nil)
"#{self.class.reference_prefix}#{full_path}"
2015-04-26 12:48:37 +05:30
end
2014-09-02 18:07:02 +05:30
def web_url
2016-11-03 12:29:30 +05:30
Gitlab::Routing.url_helpers.group_canonical_url(self)
end
2014-09-02 18:07:02 +05:30
def human_name
2017-08-17 22:00:37 +05:30
full_name
2014-09-02 18:07:02 +05:30
end
2016-06-02 11:05:42 +05:30
def visibility_level_allowed_by_projects
allowed_by_projects = self.projects.where('visibility_level > ?', self.visibility_level).none?
unless allowed_by_projects
level_name = Gitlab::VisibilityLevel.level_name(visibility_level).downcase
self.errors.add(:visibility_level, "#{level_name} is not allowed since there are projects with higher visibility.")
end
allowed_by_projects
end
2017-09-10 17:25:29 +05:30
def avatar_url(**args)
# We use avatar_path instead of overriding avatar_url because of carrierwave.
# See https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11001/diffs#note_28659864
avatar_path(args)
2015-09-11 14:41:01 +05:30
end
2016-09-29 09:46:39 +05:30
def lfs_enabled?
return false unless Gitlab.config.lfs.enabled
return Gitlab.config.lfs.enabled if self[:lfs_enabled].nil?
self[:lfs_enabled]
end
2016-11-03 12:29:30 +05:30
def add_users(users, access_level, current_user: nil, expires_at: nil)
2017-08-17 22:00:37 +05:30
GroupMember.add_users(
2016-11-03 12:29:30 +05:30
self,
users,
access_level,
current_user: current_user,
expires_at: expires_at
)
2014-09-02 18:07:02 +05:30
end
2016-09-13 17:45:13 +05:30
def add_user(user, access_level, current_user: nil, expires_at: nil)
2016-11-03 12:29:30 +05:30
GroupMember.add_user(
self,
user,
access_level,
current_user: current_user,
expires_at: expires_at
)
2014-09-02 18:07:02 +05:30
end
2015-09-11 14:41:01 +05:30
def add_guest(user, current_user = nil)
2016-11-03 12:29:30 +05:30
add_user(user, :guest, current_user: current_user)
2015-09-11 14:41:01 +05:30
end
def add_reporter(user, current_user = nil)
2016-11-03 12:29:30 +05:30
add_user(user, :reporter, current_user: current_user)
2015-09-11 14:41:01 +05:30
end
def add_developer(user, current_user = nil)
2016-11-03 12:29:30 +05:30
add_user(user, :developer, current_user: current_user)
2015-09-11 14:41:01 +05:30
end
def add_master(user, current_user = nil)
2016-11-03 12:29:30 +05:30
add_user(user, :master, current_user: current_user)
2015-09-11 14:41:01 +05:30
end
2015-04-26 12:48:37 +05:30
def add_owner(user, current_user = nil)
2016-11-03 12:29:30 +05:30
add_user(user, :owner, current_user: current_user)
2014-09-02 18:07:02 +05:30
end
def has_owner?(user)
2017-09-10 17:25:29 +05:30
return false unless user
2017-08-17 22:00:37 +05:30
members_with_parents.owners.where(user_id: user).any?
2014-09-02 18:07:02 +05:30
end
def has_master?(user)
2017-09-10 17:25:29 +05:30
return false unless user
2017-08-17 22:00:37 +05:30
members_with_parents.masters.where(user_id: user).any?
2014-09-02 18:07:02 +05:30
end
2017-08-17 22:00:37 +05:30
# Check if user is a last owner of the group.
# Parent owners are ignored for nested groups.
2014-09-02 18:07:02 +05:30
def last_owner?(user)
2017-08-17 22:00:37 +05:30
owners.include?(user) && owners.size == 1
2014-09-02 18:07:02 +05:30
end
def avatar_type
unless self.avatar.image?
self.errors.add :avatar, "only images allowed"
end
end
2015-04-26 12:48:37 +05:30
def post_create_hook
2015-09-11 14:41:01 +05:30
Gitlab::AppLogger.info("Group \"#{name}\" was created")
2015-04-26 12:48:37 +05:30
system_hook_service.execute_hooks_for(self, :create)
end
2014-09-02 18:07:02 +05:30
2015-04-26 12:48:37 +05:30
def post_destroy_hook
2015-09-11 14:41:01 +05:30
Gitlab::AppLogger.info("Group \"#{name}\" was removed")
2015-04-26 12:48:37 +05:30
system_hook_service.execute_hooks_for(self, :destroy)
end
def system_hook_service
SystemHooksService.new
2014-09-02 18:07:02 +05:30
end
2017-08-17 22:00:37 +05:30
def refresh_members_authorized_projects
2017-09-10 17:25:29 +05:30
UserProjectAccessChangedService.new(user_ids_for_project_authorizations)
.execute
2017-08-17 22:00:37 +05:30
end
def user_ids_for_project_authorizations
2017-09-10 17:25:29 +05:30
members_with_parents.pluck(:user_id)
2017-08-17 22:00:37 +05:30
end
def members_with_parents
2017-09-10 17:25:29 +05:30
# Avoids an unnecessary SELECT when the group has no parents
source_ids =
if parent_id
self_and_ancestors.reorder(nil).select(:id)
else
id
end
GroupMember
.active_without_invites
.where(source_id: source_ids)
end
def members_with_descendants
GroupMember
.active_without_invites
.where(source_id: self_and_descendants.reorder(nil).select(:id))
2017-08-17 22:00:37 +05:30
end
def users_with_parents
2017-09-10 17:25:29 +05:30
User
.where(id: members_with_parents.select(:user_id))
.reorder(nil)
end
def users_with_descendants
User
.where(id: members_with_descendants.select(:user_id))
.reorder(nil)
end
def max_member_access_for_user(user)
return GroupMember::OWNER if user.admin?
members_with_parents
.where(user_id: user)
.reorder(access_level: :desc)
.first&.
access_level || GroupMember::NO_ACCESS
2017-08-17 22:00:37 +05:30
end
def mattermost_team_params
max_length = 59
{
name: path[0..max_length],
display_name: name[0..max_length],
type: public? ? 'O' : 'I' # Open vs Invite-only
}
end
2017-09-10 17:25:29 +05:30
def secret_variables_for(ref, project)
list_of_ids = [self] + ancestors
variables = Ci::GroupVariable.where(group: list_of_ids)
variables = variables.unprotected unless project.protected_for?(ref)
variables = variables.group_by(&:group_id)
list_of_ids.reverse.map { |group| variables[group.id] }.compact.flatten
end
2017-08-17 22:00:37 +05:30
protected
def update_two_factor_requirement
return unless require_two_factor_authentication_changed? || two_factor_grace_period_changed?
users.find_each(&:update_two_factor_requirement)
end
2014-09-02 18:07:02 +05:30
end