2018-07-16 12:31:01 -04:00
# frozen_string_literal: true
2016-03-08 19:01:33 -05:00
module Groups
class UpdateService < Groups :: BaseService
2017-09-02 02:59:24 -04:00
include UpdateVisibilityLevel
2020-10-15 08:09:06 -04:00
SETTINGS_PARAMS = [ :allow_mfa_for_subgroups ] . freeze
2016-03-08 19:01:33 -05:00
def execute
2017-03-28 07:09:44 -04:00
reject_parent_id!
2019-04-02 11:55:34 -04:00
remove_unallowed_params
2017-03-28 07:09:44 -04:00
2019-10-16 05:07:51 -04:00
if renaming_group_with_container_registry_images?
group . errors . add ( :base , container_images_error )
return false
end
2021-10-28 14:14:18 -04:00
return false unless valid_visibility_level_change? ( group , group . visibility_attribute_value ( params ) )
2016-03-08 19:01:33 -05:00
2017-09-01 21:00:46 -04:00
return false unless valid_share_with_group_lock_change?
2020-07-19 23:09:39 -04:00
return false unless valid_path_change_with_npm_packages?
2020-09-30 11:09:46 -04:00
return false unless update_shared_runners
2020-10-15 08:09:06 -04:00
handle_changes
2019-02-04 12:42:53 -05:00
before_assignment_hook ( group , params )
2020-10-08 20:08:41 -04:00
handle_namespace_settings
2016-03-20 16:03:53 -04:00
group . assign_attributes ( params )
2016-03-08 19:01:33 -05:00
2016-12-20 11:52:27 -05:00
begin
2018-10-18 04:43:49 -04:00
success = group . save
2018-08-02 10:16:58 -04:00
2018-10-18 04:43:49 -04:00
after_update if success
success
2016-12-20 11:52:27 -05:00
rescue Gitlab :: UpdatePathError = > e
group . errors . add ( :base , e . message )
false
end
2016-03-08 19:01:33 -05:00
end
2017-03-28 07:09:44 -04:00
private
2020-07-19 23:09:39 -04:00
def valid_path_change_with_npm_packages?
return true unless group . packages_feature_enabled?
return true if params [ :path ] . blank?
return true if ! group . has_parent? && group . path == params [ :path ]
npm_packages = :: Packages :: GroupPackagesFinder . new ( current_user , group , package_type : :npm ) . execute
if npm_packages . exists?
group . errors . add ( :path , s_ ( 'GroupSettings|cannot change when group contains projects with NPM packages' ) )
return
end
true
end
2019-02-04 12:42:53 -05:00
def before_assignment_hook ( group , params )
2019-02-25 05:42:31 -05:00
# overridden in EE
2019-02-04 12:42:53 -05:00
end
2019-10-16 05:07:51 -04:00
def renaming_group_with_container_registry_images?
new_path = params [ :path ]
2019-11-08 04:06:07 -05:00
new_path &&
new_path != group . path &&
group . has_container_repository_including_subgroups?
2019-10-16 05:07:51 -04:00
end
def container_images_error
s_ ( " GroupSettings|Cannot update the path because there are projects under this group that contain Docker images in their Container Registry. Please remove the images from your projects first and try again. " )
end
2018-08-02 10:16:58 -04:00
def after_update
2021-10-28 14:14:18 -04:00
if group . previous_changes . include? ( group . visibility_level_field ) && group . private?
2018-08-02 10:16:58 -04:00
# don't enqueue immediately to prevent todos removal in case of a mistake
2018-12-11 13:15:10 -05:00
TodosDestroyer :: GroupPrivateWorker . perform_in ( Todo :: WAIT_FOR_DELETE , group . id )
2018-08-02 10:16:58 -04:00
end
2020-10-15 08:09:06 -04:00
update_two_factor_requirement_for_subgroups
end
def update_two_factor_requirement_for_subgroups
settings = group . namespace_settings
return if settings . allow_mfa_for_subgroups
if settings . previous_changes . include? ( :allow_mfa_for_subgroups )
# enque in batches members update
DisallowTwoFactorForSubgroupsWorker . perform_async ( group . id )
end
2018-08-02 10:16:58 -04:00
end
2017-03-28 07:09:44 -04:00
def reject_parent_id!
2018-12-14 17:58:57 -05:00
params . delete ( :parent_id )
2017-03-28 07:09:44 -04:00
end
2017-09-01 21:00:46 -04:00
2019-08-15 13:37:36 -04:00
# overridden in EE
def remove_unallowed_params
params . delete ( :emails_disabled ) unless can? ( current_user , :set_emails_disabled , group )
2020-04-24 05:09:44 -04:00
params . delete ( :default_branch_protection ) unless can? ( current_user , :update_default_branch_protection , group )
2019-08-15 13:37:36 -04:00
end
2020-10-15 08:09:06 -04:00
def handle_changes
handle_settings_update
end
def handle_settings_update
settings_params = params . slice ( * allowed_settings_params )
allowed_settings_params . each { | param | params . delete ( param ) }
:: NamespaceSettings :: UpdateService . new ( current_user , group , settings_params ) . execute
end
def allowed_settings_params
SETTINGS_PARAMS
end
2017-09-01 21:00:46 -04:00
def valid_share_with_group_lock_change?
return true unless changing_share_with_group_lock?
return true if can? ( current_user , :change_share_with_group_lock , group )
2017-09-06 14:31:45 -04:00
group . errors . add ( :share_with_group_lock , s_ ( 'GroupSettings|cannot be disabled when the parent group "Share with group lock" is enabled, except by the owner of the parent group' ) )
2017-09-01 21:00:46 -04:00
false
end
def changing_share_with_group_lock?
return false if params [ :share_with_group_lock ] . nil?
params [ :share_with_group_lock ] != group . share_with_group_lock
end
2020-09-30 11:09:46 -04:00
def update_shared_runners
return true if params [ :shared_runners_setting ] . nil?
result = Groups :: UpdateSharedRunnersService . new ( group , current_user , shared_runners_setting : params . delete ( :shared_runners_setting ) ) . execute
return true if result [ :status ] == :success
group . errors . add ( :update_shared_runners , result [ :message ] )
false
end
2016-03-08 19:01:33 -05:00
end
end
2019-09-13 09:26:31 -04:00
2021-05-11 17:10:21 -04:00
Groups :: UpdateService . prepend_mod_with ( 'Groups::UpdateService' )