2016-06-17 12:06:55 +00:00
|
|
|
module Members
|
|
|
|
class DestroyService < BaseService
|
2016-07-28 17:31:17 +00:00
|
|
|
include MembersHelper
|
2016-06-17 12:06:55 +00:00
|
|
|
|
2016-07-28 17:31:17 +00:00
|
|
|
attr_accessor :source
|
|
|
|
|
2017-02-21 23:32:18 +00:00
|
|
|
ALLOWED_SCOPES = %i[members requesters all].freeze
|
2016-07-28 17:31:17 +00:00
|
|
|
|
|
|
|
def initialize(source, current_user, params = {})
|
|
|
|
@source = source
|
2016-06-23 15:14:31 +00:00
|
|
|
@current_user = current_user
|
2016-07-28 17:31:17 +00:00
|
|
|
@params = params
|
2016-06-17 12:06:55 +00:00
|
|
|
end
|
|
|
|
|
2016-07-28 17:31:17 +00:00
|
|
|
def execute(scope = :members)
|
|
|
|
raise "scope :#{scope} is not allowed!" unless ALLOWED_SCOPES.include?(scope)
|
|
|
|
|
2016-09-09 16:51:31 +00:00
|
|
|
member = find_member!(scope)
|
2016-07-28 17:31:17 +00:00
|
|
|
|
2016-09-16 11:37:21 +00:00
|
|
|
raise Gitlab::Access::AccessDeniedError unless can_destroy_member?(member)
|
2016-07-28 17:31:17 +00:00
|
|
|
|
2016-08-04 21:34:57 +00:00
|
|
|
AuthorizedDestroyService.new(member, current_user).execute
|
2016-06-17 12:06:55 +00:00
|
|
|
end
|
2016-07-28 17:31:17 +00:00
|
|
|
|
|
|
|
private
|
|
|
|
|
2016-09-09 16:51:31 +00:00
|
|
|
def find_member!(scope)
|
|
|
|
condition = params[:user_id] ? { user_id: params[:user_id] } : { id: params[:id] }
|
2016-07-28 17:31:17 +00:00
|
|
|
case scope
|
|
|
|
when :all
|
2016-09-09 16:51:31 +00:00
|
|
|
source.members.find_by(condition) ||
|
|
|
|
source.requesters.find_by!(condition)
|
2016-07-28 17:31:17 +00:00
|
|
|
else
|
2016-09-09 16:51:31 +00:00
|
|
|
source.public_send(scope).find_by!(condition)
|
2016-07-28 17:31:17 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-09-16 11:37:21 +00:00
|
|
|
def can_destroy_member?(member)
|
|
|
|
member && can?(current_user, action_member_permission(:destroy, member), member)
|
2016-07-28 17:31:17 +00:00
|
|
|
end
|
2016-06-17 12:06:55 +00:00
|
|
|
end
|
|
|
|
end
|