gitlab-org--gitlab-foss/app/services/members/destroy_service.rb

# frozen_string_literal: true

module Members
  class DestroyService < Members::BaseService
    def execute(member, skip_authorization: false, skip_subresources: false)
      raise Gitlab::Access::AccessDeniedError unless skip_authorization || can_destroy_member?(member)

      @skip_auth = skip_authorization

      return member if member.is_a?(GroupMember) && member.source.last_owner?(member.user)

      member.destroy

      member.user&.invalidate_cache_counts

      if member.request? && member.user != current_user
        notification_service.decline_access_request(member)
      end

      delete_subresources(member) unless skip_subresources
      enqueue_delete_todos(member)

      after_execute(member: member)

      member
    end

    private

    def delete_subresources(member)
      return unless member.is_a?(GroupMember) && member.user && member.group

      delete_project_members(member)
      delete_subgroup_members(member)
    end

    def delete_project_members(member)
      groups = member.group.self_and_descendants

      ProjectMember.in_namespaces(groups).with_user(member.user).each do |project_member|
        self.class.new(current_user).execute(project_member, skip_authorization: @skip_auth)
      end
    end

    def delete_subgroup_members(member)
      groups = member.group.descendants

      GroupMember.of_groups(groups).with_user(member.user).each do |group_member|
        self.class.new(current_user).execute(group_member, skip_authorization: @skip_auth, skip_subresources: true)
      end
    end

    def can_destroy_member?(member)
      can?(current_user, destroy_member_permission(member), member)
    end

    def destroy_member_permission(member)
      case member
      when GroupMember
        :destroy_group_member
      when ProjectMember
        :destroy_project_member
      else
        raise "Unknown member type: #{member}!"
      end
    end
  end
end
Enable more frozen string in app/services/*/.rb Partially addresses #47424. 2018-07-17 12:50:37 -04:00			`# frozen_string_literal: true`

New Members::DestroyService This is to ensure we don't send unwanted notifications when deleting a project. In other words, stop abusing AR callbacks and use services. Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-06-17 08:06:55 -04:00			`module Members`
Remove explicit audit event log in MembershipActions Move it to Members::ApproveAccessRequestService. Also, note that there was a double audit event log for access request destruction. Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-10-11 10:47:08 -04:00			`class DestroyService < Members::BaseService`
Add subresources removal to member destroy service 2018-11-16 10:09:32 -05:00			`def execute(member, skip_authorization: false, skip_subresources: false)`
Improve Member services Signed-off-by: Rémy Coutable <remy@rymai.me> 2018-02-16 09:10:22 -05:00			`raise Gitlab::Access::AccessDeniedError unless skip_authorization \|\| can_destroy_member?(member)`
Improve Members::DestroyService Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-07-28 13:31:17 -04:00
Add subresources removal to member destroy service 2018-11-16 10:09:32 -05:00			`@skip_auth = skip_authorization`

Improve Member services Signed-off-by: Rémy Coutable <remy@rymai.me> 2018-02-16 09:10:22 -05:00			`return member if member.is_a?(GroupMember) && member.source.last_owner?(member.user)`

Don't delete todos or unassign issues and MRs when a user leaves a project 2018-03-07 14:54:28 -05:00			`member.destroy`
Improve Member services Signed-off-by: Rémy Coutable <remy@rymai.me> 2018-02-16 09:10:22 -05:00
Don't delete todos or unassign issues and MRs when a user leaves a project 2018-03-07 14:54:28 -05:00			`member.user&.invalidate_cache_counts`
Improve Member services Signed-off-by: Rémy Coutable <remy@rymai.me> 2018-02-16 09:10:22 -05:00
			`if member.request? && member.user != current_user`
			`notification_service.decline_access_request(member)`
			`end`
Improve Members::DestroyService Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-07-28 13:31:17 -04:00
Add subresources removal to member destroy service 2018-11-16 10:09:32 -05:00			`delete_subresources(member) unless skip_subresources`
Delete confidential issue todos for guests Fix leaking information of confidential issues on TODOs when user is downgraded to guest access. 2018-12-11 13:15:10 -05:00			`enqueue_delete_todos(member)`
Delete todos when users loses target read permissions 2018-07-16 14:30:17 -04:00
Remove explicit audit event log in MembershipActions Move it to Members::ApproveAccessRequestService. Also, note that there was a double audit event log for access request destruction. Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-10-11 10:47:08 -04:00			`after_execute(member: member)`
Improve Members::DestroyService Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-07-28 13:31:17 -04:00
Remove explicit audit event log in MembershipActions Move it to Members::ApproveAccessRequestService. Also, note that there was a double audit event log for access request destruction. Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-10-11 10:47:08 -04:00			`member`
New Members::DestroyService This is to ensure we don't send unwanted notifications when deleting a project. In other words, stop abusing AR callbacks and use services. Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-06-17 08:06:55 -04:00			`end`
Improve Members::DestroyService Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-07-28 13:31:17 -04:00
			`private`

Add subresources removal to member destroy service 2018-11-16 10:09:32 -05:00			`def delete_subresources(member)`
			`return unless member.is_a?(GroupMember) && member.user && member.group`

			`delete_project_members(member)`
Remove code related to object hierarchy in MySQL These are not required because MySQL is not supported anymore 2019-07-24 05:20:54 -04:00			`delete_subgroup_members(member)`
Add subresources removal to member destroy service 2018-11-16 10:09:32 -05:00			`end`

			`def delete_project_members(member)`
			`groups = member.group.self_and_descendants`

			`ProjectMember.in_namespaces(groups).with_user(member.user).each do \|project_member\|`
			`self.class.new(current_user).execute(project_member, skip_authorization: @skip_auth)`
			`end`
			`end`

			`def delete_subgroup_members(member)`
			`groups = member.group.descendants`

Rename methods that conflict in Rails 5.2 Adds suffix to enum methods and changes `in_groups` to `of_groups` 2019-05-13 00:42:06 -04:00			`GroupMember.of_groups(groups).with_user(member.user).each do \|group_member\|`
Add subresources removal to member destroy service 2018-11-16 10:09:32 -05:00			`self.class.new(current_user).execute(group_member, skip_authorization: @skip_auth, skip_subresources: true)`
			`end`
			`end`

Invert method's naming Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-09-16 07:37:21 -04:00			`def can_destroy_member?(member)`
Improve Member services Signed-off-by: Rémy Coutable <remy@rymai.me> 2018-02-16 09:10:22 -05:00			`can?(current_user, destroy_member_permission(member), member)`
Refactor member view by using presenter - Create MemberPresenter alongside with GroupMemberPresenter and ProjectMemberPresenter - Make Member model Presentable - Move action_member_permission from MembersHelper into the MemberPresenter - Added rspec using double, separate specs for GroupMemberPresenter and ProjectMemberPresenter Fixes #28004. Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-03-02 01:01:02 -05:00			`end`

			`def destroy_member_permission(member)`
			`case member`
			`when GroupMember`
			`:destroy_group_member`
			`when ProjectMember`
			`:destroy_project_member`
Remove explicit audit event log in MembershipActions Move it to Members::ApproveAccessRequestService. Also, note that there was a double audit event log for access request destruction. Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-10-11 10:47:08 -04:00			`else`
			`raise "Unknown member type: #{member}!"`
Refactor member view by using presenter - Create MemberPresenter alongside with GroupMemberPresenter and ProjectMemberPresenter - Make Member model Presentable - Move action_member_permission from MembersHelper into the MemberPresenter - Added rspec using double, separate specs for GroupMemberPresenter and ProjectMemberPresenter Fixes #28004. Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-03-02 01:01:02 -05:00			`end`
Improve Members::DestroyService Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-07-28 13:31:17 -04:00			`end`
New Members::DestroyService This is to ensure we don't send unwanted notifications when deleting a project. In other words, stop abusing AR callbacks and use services. Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-06-17 08:06:55 -04:00			`end`
			`end`