debian-mirror-gitlab/app/finders/issues_finder.rb

# frozen_string_literal: true

# Finders::Issues class
#
# Used to filter Issues collections by set of params
#
# Arguments:
#   current_user - which user use
#   params:
#     scope: 'created_by_me' or 'assigned_to_me' or 'all'
#     state: 'open' or 'closed' or 'all'
#     group_id: integer
#     project_id: integer
#     milestone_title: string
#     assignee_id: integer
#     search: string
#     in: 'title', 'description', or a string joining them with comma
#     label_name: string
#     sort: string
#     my_reaction_emoji: string
#     public_only: boolean
#     due_date: date or '0', '', 'overdue', 'week', or 'month'
#     created_after: datetime
#     created_before: datetime
#     updated_after: datetime
#     updated_before: datetime
#
class IssuesFinder < IssuableFinder
  CONFIDENTIAL_ACCESS_LEVEL = Gitlab::Access::REPORTER

  def self.scalar_params
    @scalar_params ||= super + [:due_date]
  end

  # rubocop: disable CodeReuse/ActiveRecord
  def klass
    Issue.includes(:author)
  end
  # rubocop: enable CodeReuse/ActiveRecord

  # rubocop: disable CodeReuse/ActiveRecord
  def with_confidentiality_access_check
    return Issue.all if user_can_see_all_confidential_issues?
    return Issue.where('issues.confidential IS NOT TRUE') if user_cannot_see_confidential_issues?

    Issue.where('
      issues.confidential IS NOT TRUE
      OR (issues.confidential = TRUE
        AND (issues.author_id = :user_id
          OR EXISTS (SELECT TRUE FROM issue_assignees WHERE user_id = :user_id AND issue_id = issues.id)
          OR EXISTS (:authorizations)))',
      user_id: current_user.id,
      authorizations: current_user.authorizations_for_projects(min_access_level: CONFIDENTIAL_ACCESS_LEVEL, related_project_column: "issues.project_id"))
  end
  # rubocop: enable CodeReuse/ActiveRecord

  private

  def init_collection
    if public_only?
      Issue.public_only
    else
      with_confidentiality_access_check
    end
  end

  def public_only?
    params.fetch(:public_only, false)
  end

  def filter_items(items)
    issues = super
    issues = by_due_date(issues)
    issues = by_confidential(issues)
    issues
  end

  def by_confidential(items)
    return items if params[:confidential].nil?

    params[:confidential] ? items.confidential_only : items.public_only
  end

  def by_due_date(items)
    if due_date?
      if filter_by_no_due_date?
        items = items.without_due_date
      elsif filter_by_overdue?
        items = items.due_before(Date.today)
      elsif filter_by_due_this_week?
        items = items.due_between(Date.today.beginning_of_week, Date.today.end_of_week)
      elsif filter_by_due_this_month?
        items = items.due_between(Date.today.beginning_of_month, Date.today.end_of_month)
      elsif filter_by_due_next_month_and_previous_two_weeks?
        items = items.due_between(Date.today - 2.weeks, (Date.today + 1.month).end_of_month)
      end
    end

    items
  end

  def filter_by_no_due_date?
    due_date? && params[:due_date] == Issue::NoDueDate.name
  end

  def filter_by_overdue?
    due_date? && params[:due_date] == Issue::Overdue.name
  end

  def filter_by_due_this_week?
    due_date? && params[:due_date] == Issue::DueThisWeek.name
  end

  def filter_by_due_this_month?
    due_date? && params[:due_date] == Issue::DueThisMonth.name
  end

  def filter_by_due_next_month_and_previous_two_weeks?
    due_date? && params[:due_date] == Issue::DueNextMonthAndPreviousTwoWeeks.name
  end

  def due_date?
    params[:due_date].present?
  end

  def user_can_see_all_confidential_issues?
    return @user_can_see_all_confidential_issues if defined?(@user_can_see_all_confidential_issues)

    return @user_can_see_all_confidential_issues = false if current_user.blank?
    return @user_can_see_all_confidential_issues = true if current_user.can_read_all_resources?

    @user_can_see_all_confidential_issues =
      if project? && project
        project.team.max_member_access(current_user.id) >= CONFIDENTIAL_ACCESS_LEVEL
      elsif group
        group.max_member_access_for_user(current_user) >= CONFIDENTIAL_ACCESS_LEVEL
      else
        false
      end
  end

  def user_cannot_see_confidential_issues?
    return false if user_can_see_all_confidential_issues?

    current_user.blank?
  end
end

IssuesFinder.prepend_if_ee('EE::IssuesFinder')
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# frozen_string_literal: true`

Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`# Finders::Issues class`
			`#`
			`# Used to filter Issues collections by set of params`
			`#`
			`# Arguments:`
			`# current_user - which user use`
			`# params:`
New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30			`# scope: 'created_by_me' or 'assigned_to_me' or 'all'`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`# state: 'open' or 'closed' or 'all'`
			`# group_id: integer`
			`# project_id: integer`
New upstream version 9.2.10+dfsg 2017-08-17 22:00:37 +05:30			`# milestone_title: string`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`# assignee_id: integer`
			`# search: string`
New upstream version 11.8.0 2019-03-02 22:35:43 +05:30			`# in: 'title', 'description', or a string joining them with comma`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`# label_name: string`
			`# sort: string`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`# my_reaction_emoji: string`
			`# public_only: boolean`
New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`# due_date: date or '0', '', 'overdue', 'week', or 'month'`
			`# created_after: datetime`
			`# created_before: datetime`
			`# updated_after: datetime`
			`# updated_before: datetime`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`#`
Imported Upstream version 7.10.0 2015-04-26 12:48:37 +05:30			`class IssuesFinder < IssuableFinder`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`CONFIDENTIAL_ACCESS_LEVEL = Gitlab::Access::REPORTER`

New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`def self.scalar_params`
			`@scalar_params \|\|= super + [:due_date]`
			`end`

New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: disable CodeReuse/ActiveRecord`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`def klass`
New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`Issue.includes(:author)`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: enable CodeReuse/ActiveRecord`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: disable CodeReuse/ActiveRecord`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`def with_confidentiality_access_check`
			`return Issue.all if user_can_see_all_confidential_issues?`
			`return Issue.where('issues.confidential IS NOT TRUE') if user_cannot_see_confidential_issues?`

			`Issue.where('`
			`issues.confidential IS NOT TRUE`
			`OR (issues.confidential = TRUE`
			`AND (issues.author_id = :user_id`
			`OR EXISTS (SELECT TRUE FROM issue_assignees WHERE user_id = :user_id AND issue_id = issues.id)`
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`OR EXISTS (:authorizations)))',`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`user_id: current_user.id,`
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`authorizations: current_user.authorizations_for_projects(min_access_level: CONFIDENTIAL_ACCESS_LEVEL, related_project_column: "issues.project_id"))`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`end`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`# rubocop: enable CodeReuse/ActiveRecord`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`private`

			`def init_collection`
New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`if public_only?`
			`Issue.public_only`
			`else`
			`with_confidentiality_access_check`
			`end`
			`end`

			`def public_only?`
			`params.fetch(:public_only, false)`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`end`

New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`def filter_items(items)`
New upstream version 11.10.8+dfsg 2019-07-07 11:18:12 +05:30			`issues = super`
			`issues = by_due_date(issues)`
			`issues = by_confidential(issues)`
			`issues`
			`end`

			`def by_confidential(items)`
			`return items if params[:confidential].nil?`

			`params[:confidential] ? items.confidential_only : items.public_only`
New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`end`

			`def by_due_date(items)`
			`if due_date?`
			`if filter_by_no_due_date?`
			`items = items.without_due_date`
			`elsif filter_by_overdue?`
			`items = items.due_before(Date.today)`
			`elsif filter_by_due_this_week?`
			`items = items.due_between(Date.today.beginning_of_week, Date.today.end_of_week)`
			`elsif filter_by_due_this_month?`
			`items = items.due_between(Date.today.beginning_of_month, Date.today.end_of_month)`
New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30			`elsif filter_by_due_next_month_and_previous_two_weeks?`
			`items = items.due_between(Date.today - 2.weeks, (Date.today + 1.month).end_of_month)`
New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`end`
			`end`

			`items`
			`end`

			`def filter_by_no_due_date?`
			`due_date? && params[:due_date] == Issue::NoDueDate.name`
			`end`

			`def filter_by_overdue?`
			`due_date? && params[:due_date] == Issue::Overdue.name`
			`end`

			`def filter_by_due_this_week?`
			`due_date? && params[:due_date] == Issue::DueThisWeek.name`
			`end`

			`def filter_by_due_this_month?`
			`due_date? && params[:due_date] == Issue::DueThisMonth.name`
			`end`

New upstream version 11.1.8+dfsg 2018-11-08 19:23:39 +05:30			`def filter_by_due_next_month_and_previous_two_weeks?`
			`due_date? && params[:due_date] == Issue::DueNextMonthAndPreviousTwoWeeks.name`
			`end`

New upstream version 10.6.0+dfsg 2018-03-27 19:54:05 +05:30			`def due_date?`
			`params[:due_date].present?`
			`end`

New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`def user_can_see_all_confidential_issues?`
			`return @user_can_see_all_confidential_issues if defined?(@user_can_see_all_confidential_issues)`

			`return @user_can_see_all_confidential_issues = false if current_user.blank?`
New upstream version 12.6.1 2020-01-01 13:55:28 +05:30			`return @user_can_see_all_confidential_issues = true if current_user.can_read_all_resources?`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30
			`@user_can_see_all_confidential_issues =`
New upstream version 11.4.9+dfsg 2018-12-05 23:21:45 +05:30			`if project? && project`
			`project.team.max_member_access(current_user.id) >= CONFIDENTIAL_ACCESS_LEVEL`
			`elsif group`
			`group.max_member_access_for_user(current_user) >= CONFIDENTIAL_ACCESS_LEVEL`
			`else`
			`false`
			`end`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`end`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`def user_cannot_see_confidential_issues?`
New upstream version 9.5.4+dfsg 2017-09-10 17:25:29 +05:30			`return false if user_can_see_all_confidential_issues?`

New upstream version 10.5.5+dfsg 2018-03-17 18:26:18 +05:30			`current_user.blank?`
Imported Upstream version 8.8.2+dfsg 2016-06-02 11:05:42 +05:30			`end`
Imported Upstream version 7.2.1 2014-09-02 18:07:02 +05:30			`end`
New upstream version 12.3.8 2019-12-04 20:38:33 +05:30
			`IssuesFinder.prepend_if_ee('EE::IssuesFinder')`