gitlab-org--gitlab-foss/lib/gitlab/visibility_level.rb

# Gitlab::VisibilityLevel module
#
# Define allowed public modes that can be used for
# GitLab projects to determine project public mode
#
module Gitlab
  module VisibilityLevel
    extend CurrentSettings
    extend ActiveSupport::Concern

    included do
      scope :public_only,               -> { where(visibility_level: PUBLIC) }
      scope :public_and_internal_only,  -> { where(visibility_level: [PUBLIC, INTERNAL] ) }
      scope :non_public_only,           -> { where.not(visibility_level: PUBLIC) }

      scope :public_to_user, -> (user = nil) do
        where(visibility_level: VisibilityLevel.levels_for_user(user))
      end
    end

    PRIVATE  = 0 unless const_defined?(:PRIVATE)
    INTERNAL = 10 unless const_defined?(:INTERNAL)
    PUBLIC   = 20 unless const_defined?(:PUBLIC)

    class << self
      delegate :values, to: :options

      def levels_for_user(user = nil)
        return [PUBLIC] unless user

        if user.full_private_access?
          [PRIVATE, INTERNAL, PUBLIC]
        elsif user.external?
          [PUBLIC]
        else
          [INTERNAL, PUBLIC]
        end
      end

      def string_values
        string_options.keys
      end

      def options
        {
          N_('VisibilityLevel|Private')  => PRIVATE,
          N_('VisibilityLevel|Internal') => INTERNAL,
          N_('VisibilityLevel|Public')   => PUBLIC
        }
      end

      def string_options
        {
          'private'  => PRIVATE,
          'internal' => INTERNAL,
          'public'   => PUBLIC
        }
      end

      def highest_allowed_level
        restricted_levels = current_application_settings.restricted_visibility_levels

        allowed_levels = self.values - restricted_levels
        allowed_levels.max || PRIVATE
      end

      def allowed_for?(user, level)
        user.admin? || allowed_level?(level.to_i)
      end

      # Return true if the specified level is allowed for the current user.
      # Level should be a numeric value, e.g. `20`.
      def allowed_level?(level)
        valid_level?(level) && non_restricted_level?(level)
      end

      def non_restricted_level?(level)
        restricted_levels = current_application_settings.restricted_visibility_levels

        if restricted_levels.nil?
          true
        else
          !restricted_levels.include?(level)
        end
      end

      def valid_level?(level)
        options.value?(level)
      end

      def level_name(level)
        level_name = N_('VisibilityLevel|Unknown')
        options.each do |name, lvl|
          level_name = name if lvl == level.to_i
        end

        s_(level_name)
      end

      def level_value(level)
        return level.to_i if level.to_i.to_s == level.to_s && string_options.key(level.to_i)

        string_options[level] || PRIVATE
      end

      def string_level(level)
        string_options.key(level)
      end
    end

    def private?
      visibility_level_value == PRIVATE
    end

    def internal?
      visibility_level_value == INTERNAL
    end

    def public?
      visibility_level_value == PUBLIC
    end

    def visibility_level_value
      self[visibility_level_field]
    end

    def visibility
      Gitlab::VisibilityLevel.string_level(visibility_level_value)
    end

    def visibility=(level)
      self[visibility_level_field] = Gitlab::VisibilityLevel.level_value(level)
    end
  end
end
Adding authenticated public mode (internal). Added visibility_level icons to project view (rather than just text). Added public projects to search results. Added ability to restrict visibility levels standard users can set. 2013-11-06 10:13:21 -05:00			`# Gitlab::VisibilityLevel module`
			`#`
			`# Define allowed public modes that can be used for`
			`# GitLab projects to determine project public mode`
			`#`
			`module Gitlab`
			`module VisibilityLevel`
Move restricted visibility settings to the UI Add checkboxes to the application settings page for restricted visibility levels, and remove those settings from gitlab.yml. 2015-03-01 10:06:46 -05:00			`extend CurrentSettings`
Code fixes 2016-03-17 18:42:46 -04:00			`extend ActiveSupport::Concern`

			`included do`
Improve group visibility level feature 2016-03-18 08:28:16 -04:00			`scope :public_only, -> { where(visibility_level: PUBLIC) }`
			`scope :public_and_internal_only, -> { where(visibility_level: [PUBLIC, INTERNAL] ) }`
Backport changes introduced by https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/1083 2017-01-20 06:25:53 -05:00			`scope :non_public_only, -> { where.not(visibility_level: PUBLIC) }`
Tweaks, refactoring, and specs 2016-03-20 16:03:53 -04:00
Refactor ProjectsFinder#init_collection This changes ProjectsFinder#init_collection so it no longer relies on a UNION. For example, to get starred projects of a user we used to run: SELECT projects.* FROM projects WHERE projects.pending_delete = 'f' AND ( projects.id IN ( SELECT projects.id FROM projects INNER JOIN users_star_projects ON users_star_projects.project_id = projects.id INNER JOIN project_authorizations ON projects.id = project_authorizations.project_id WHERE projects.pending_delete = 'f' AND project_authorizations.user_id = 1 AND users_star_projects.user_id = 1 UNION SELECT projects.id FROM projects INNER JOIN users_star_projects ON users_star_projects.project_id = projects.id WHERE projects.visibility_level IN (20, 10) AND users_star_projects.user_id = 1 ) ) ORDER BY projects.id DESC; With these changes the above query is turned into the following instead: SELECT projects.* FROM projects INNER JOIN users_star_projects ON users_star_projects.project_id = projects.id WHERE projects.pending_delete = 'f' AND ( EXISTS ( SELECT 1 FROM project_authorizations WHERE project_authorizations.user_id = 1 AND (project_id = projects.id) ) OR projects.visibility_level IN (20,10) ) AND users_star_projects.user_id = 1 ORDER BY projects.id DESC; This query in turn produces a better execution plan and takes less time, though the difference is only a few milliseconds (this however depends on the amount of data involved and additional conditions that may be added). 2017-06-13 10:44:55 -04:00			`scope :public_to_user, -> (user = nil) do`
			`where(visibility_level: VisibilityLevel.levels_for_user(user))`
List all groups/projects for admins on explore pages 2017-02-06 21:32:34 -05:00			`end`
Code fixes 2016-03-17 18:42:46 -04:00			`end`
Move restricted visibility settings to the UI Add checkboxes to the application settings page for restricted visibility levels, and remove those settings from gitlab.yml. 2015-03-01 10:06:46 -05:00
Removed some constant allready defined warnings Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com> 2014-07-16 14:12:46 -04:00			`PRIVATE = 0 unless const_defined?(:PRIVATE)`
			`INTERNAL = 10 unless const_defined?(:INTERNAL)`
			`PUBLIC = 20 unless const_defined?(:PUBLIC)`
Adding authenticated public mode (internal). Added visibility_level icons to project view (rather than just text). Added public projects to search results. Added ability to restrict visibility levels standard users can set. 2013-11-06 10:13:21 -05:00
			`class << self`
Enable Rails/Delegate 2017-02-22 12:51:46 -05:00			`delegate :values, to: :options`
Adding authenticated public mode (internal). Added visibility_level icons to project view (rather than just text). Added public projects to search results. Added ability to restrict visibility levels standard users can set. 2013-11-06 10:13:21 -05:00
Refactor ProjectsFinder#init_collection This changes ProjectsFinder#init_collection so it no longer relies on a UNION. For example, to get starred projects of a user we used to run: SELECT projects.* FROM projects WHERE projects.pending_delete = 'f' AND ( projects.id IN ( SELECT projects.id FROM projects INNER JOIN users_star_projects ON users_star_projects.project_id = projects.id INNER JOIN project_authorizations ON projects.id = project_authorizations.project_id WHERE projects.pending_delete = 'f' AND project_authorizations.user_id = 1 AND users_star_projects.user_id = 1 UNION SELECT projects.id FROM projects INNER JOIN users_star_projects ON users_star_projects.project_id = projects.id WHERE projects.visibility_level IN (20, 10) AND users_star_projects.user_id = 1 ) ) ORDER BY projects.id DESC; With these changes the above query is turned into the following instead: SELECT projects.* FROM projects INNER JOIN users_star_projects ON users_star_projects.project_id = projects.id WHERE projects.pending_delete = 'f' AND ( EXISTS ( SELECT 1 FROM project_authorizations WHERE project_authorizations.user_id = 1 AND (project_id = projects.id) ) OR projects.visibility_level IN (20,10) ) AND users_star_projects.user_id = 1 ORDER BY projects.id DESC; This query in turn produces a better execution plan and takes less time, though the difference is only a few milliseconds (this however depends on the amount of data involved and additional conditions that may be added). 2017-06-13 10:44:55 -04:00			`def levels_for_user(user = nil)`
			`return [PUBLIC] unless user`

Add User#full_private_access? to check if user has Private access In CE only the admin has access to all private groups & projects. In EE also an auditor can have full private access. To overcome merge conflicts, or accidental incorrect access rights, abstract this out in `User#full_private_access?`. `User#admin?` now only should be used for admin-only features. For private access-related features `User#full_private_access?` should be used. Backported from gitlab-org/gitlab-ee!2199 2017-06-22 02:35:49 -04:00			`if user.full_private_access?`
Refactor ProjectsFinder#init_collection This changes ProjectsFinder#init_collection so it no longer relies on a UNION. For example, to get starred projects of a user we used to run: SELECT projects.* FROM projects WHERE projects.pending_delete = 'f' AND ( projects.id IN ( SELECT projects.id FROM projects INNER JOIN users_star_projects ON users_star_projects.project_id = projects.id INNER JOIN project_authorizations ON projects.id = project_authorizations.project_id WHERE projects.pending_delete = 'f' AND project_authorizations.user_id = 1 AND users_star_projects.user_id = 1 UNION SELECT projects.id FROM projects INNER JOIN users_star_projects ON users_star_projects.project_id = projects.id WHERE projects.visibility_level IN (20, 10) AND users_star_projects.user_id = 1 ) ) ORDER BY projects.id DESC; With these changes the above query is turned into the following instead: SELECT projects.* FROM projects INNER JOIN users_star_projects ON users_star_projects.project_id = projects.id WHERE projects.pending_delete = 'f' AND ( EXISTS ( SELECT 1 FROM project_authorizations WHERE project_authorizations.user_id = 1 AND (project_id = projects.id) ) OR projects.visibility_level IN (20,10) ) AND users_star_projects.user_id = 1 ORDER BY projects.id DESC; This query in turn produces a better execution plan and takes less time, though the difference is only a few milliseconds (this however depends on the amount of data involved and additional conditions that may be added). 2017-06-13 10:44:55 -04:00			`[PRIVATE, INTERNAL, PUBLIC]`
			`elsif user.external?`
			`[PUBLIC]`
			`else`
			`[INTERNAL, PUBLIC]`
			`end`
			`end`

A VisibilityLevel also can be presented as string For the API, the VisibilityLevel will be exposed as String instead of Integer. So add the string values and method to translate a level integer to a string. 2017-02-16 05:06:40 -05:00			`def string_values`
			`string_options.keys`
			`end`

Adding authenticated public mode (internal). Added visibility_level icons to project view (rather than just text). Added public projects to search results. Added ability to restrict visibility levels standard users can set. 2013-11-06 10:13:21 -05:00			`def options`
			`{`
Translate project & repository pages 2017-06-07 16:13:44 -04:00			`N_('VisibilityLevel\|Private') => PRIVATE,`
			`N_('VisibilityLevel\|Internal') => INTERNAL,`
			`N_('VisibilityLevel\|Public') => PUBLIC`
Adding authenticated public mode (internal). Added visibility_level icons to project view (rather than just text). Added public projects to search results. Added ability to restrict visibility levels standard users can set. 2013-11-06 10:13:21 -05:00			`}`
			`end`
Removed some constant allready defined warnings Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com> 2014-07-16 14:12:46 -04:00
A VisibilityLevel also can be presented as string For the API, the VisibilityLevel will be exposed as String instead of Integer. So add the string values and method to translate a level integer to a string. 2017-02-16 05:06:40 -05:00			`def string_options`
			`{`
			`'private' => PRIVATE,`
			`'internal' => INTERNAL,`
			`'public' => PUBLIC`
			`}`
			`end`

Fix forks creation when visibility level is restricted 2016-05-24 17:53:53 -04:00			`def highest_allowed_level`
			`restricted_levels = current_application_settings.restricted_visibility_levels`

			`allowed_levels = self.values - restricted_levels`
			`allowed_levels.max \|\| PRIVATE`
			`end`

Adding authenticated public mode (internal). Added visibility_level icons to project view (rather than just text). Added public projects to search results. Added ability to restrict visibility levels standard users can set. 2013-11-06 10:13:21 -05:00			`def allowed_for?(user, level)`
Remove the User#is_admin? method 2017-04-08 22:20:57 -04:00			`user.admin? \|\| allowed_level?(level.to_i)`
block visibility level restriction override in controller 2014-08-28 14:33:41 -04:00			`end`

Move restricted visibility settings to the UI Add checkboxes to the application settings page for restricted visibility levels, and remove those settings from gitlab.yml. 2015-03-01 10:06:46 -05:00			`# Return true if the specified level is allowed for the current user.`
			# Level should be a numeric value, e.g. `20`.
block visibility level restriction override in controller 2014-08-28 14:33:41 -04:00			`def allowed_level?(level)`
Move restricted visibility settings to the UI Add checkboxes to the application settings page for restricted visibility levels, and remove those settings from gitlab.yml. 2015-03-01 10:06:46 -05:00			`valid_level?(level) && non_restricted_level?(level)`
block visibility level restriction override in controller 2014-08-28 14:33:41 -04:00			`end`

			`def non_restricted_level?(level)`
Move application setting to separate variable. 2015-03-18 16:55:41 -04:00			`restricted_levels = current_application_settings.restricted_visibility_levels`

			`if restricted_levels.nil?`
Handle nil restricted visibility settings Return `true` from `non_restricted_level?` when the `restricted_visibility_levels` setting is nil. 2015-03-18 14:38:58 -04:00			`true`
			`else`
Move application setting to separate variable. 2015-03-18 16:55:41 -04:00			`!restricted_levels.include?(level)`
Handle nil restricted visibility settings Return `true` from `non_restricted_level?` when the `restricted_visibility_levels` setting is nil. 2015-03-18 14:38:58 -04:00			`end`
Move restricted visibility settings to the UI Add checkboxes to the application settings page for restricted visibility levels, and remove those settings from gitlab.yml. 2015-03-01 10:06:46 -05:00			`end`

			`def valid_level?(level)`
Enable the Style/PreferredHashMethods cop Signed-off-by: Rémy Coutable <remy@rymai.me> 2017-06-02 13:11:26 -04:00			`options.value?(level)`
Adding authenticated public mode (internal). Added visibility_level icons to project view (rather than just text). Added public projects to search results. Added ability to restrict visibility levels standard users can set. 2013-11-06 10:13:21 -05:00			`end`
Fork visibility level fix 2015-07-06 08:38:43 -04:00
Move level_name resolving to Gitlan::VisibilityLevel 2015-11-03 11:23:19 -05:00			`def level_name(level)`
Always return the translated level name. There are many places that expect the `.level_name` method to return the translated level name. 2017-07-13 13:11:09 -04:00			`level_name = N_('VisibilityLevel\|Unknown')`
Move level_name resolving to Gitlan::VisibilityLevel 2015-11-03 11:23:19 -05:00			`options.each do \|name, lvl\|`
Fix GitlabV::isibilityLevel::level_name method 2015-11-04 16:13:40 -05:00			`level_name = name if lvl == level.to_i`
Move level_name resolving to Gitlan::VisibilityLevel 2015-11-03 11:23:19 -05:00			`end`

Always return the translated level name. There are many places that expect the `.level_name` method to return the translated level name. 2017-07-13 13:11:09 -04:00			`s_(level_name)`
Move level_name resolving to Gitlan::VisibilityLevel 2015-11-03 11:23:19 -05:00			`end`
A VisibilityLevel also can be presented as string For the API, the VisibilityLevel will be exposed as String instead of Integer. So add the string values and method to translate a level integer to a string. 2017-02-16 05:06:40 -05:00
Use string based `visibility` getter & setter Add `visibility` & `visibility=` methods to the `Gitlab::VisibilityLevel` module so the `visibility_level` can be get/set with a string value. 2017-03-01 15:23:00 -05:00			`def level_value(level)`
Make level_value accept string integers When a VisibilityLevel is an integer formatted as a string, convert it to an integer, instead of looking it up in the hash map. When the value is not recognized, default to PRIVATE. 2017-03-20 17:05:53 -04:00			`return level.to_i if level.to_i.to_s == level.to_s && string_options.key(level.to_i)`
Adds Rubocop rule for line break after guard clause Adds a rubocop rule (with autocorrect) to ensure line break after guard clauses. 2017-11-14 04:02:39 -05:00
Make level_value accept string integers When a VisibilityLevel is an integer formatted as a string, convert it to an integer, instead of looking it up in the hash map. When the value is not recognized, default to PRIVATE. 2017-03-20 17:05:53 -04:00			`string_options[level] \|\| PRIVATE`
Use string based `visibility` getter & setter Add `visibility` & `visibility=` methods to the `Gitlab::VisibilityLevel` module so the `visibility_level` can be get/set with a string value. 2017-03-01 15:23:00 -05:00			`end`

A VisibilityLevel also can be presented as string For the API, the VisibilityLevel will be exposed as String instead of Integer. So add the string values and method to translate a level integer to a string. 2017-02-16 05:06:40 -05:00			`def string_level(level)`
			`string_options.key(level)`
			`end`
Adding authenticated public mode (internal). Added visibility_level icons to project view (rather than just text). Added public projects to search results. Added ability to restrict visibility levels standard users can set. 2013-11-06 10:13:21 -05:00			`end`

			`def private?`
Use string based `visibility` getter & setter Add `visibility` & `visibility=` methods to the `Gitlab::VisibilityLevel` module so the `visibility_level` can be get/set with a string value. 2017-03-01 15:23:00 -05:00			`visibility_level_value == PRIVATE`
Adding authenticated public mode (internal). Added visibility_level icons to project view (rather than just text). Added public projects to search results. Added ability to restrict visibility levels standard users can set. 2013-11-06 10:13:21 -05:00			`end`

			`def internal?`
Use string based `visibility` getter & setter Add `visibility` & `visibility=` methods to the `Gitlab::VisibilityLevel` module so the `visibility_level` can be get/set with a string value. 2017-03-01 15:23:00 -05:00			`visibility_level_value == INTERNAL`
Adding authenticated public mode (internal). Added visibility_level icons to project view (rather than just text). Added public projects to search results. Added ability to restrict visibility levels standard users can set. 2013-11-06 10:13:21 -05:00			`end`

			`def public?`
Use string based `visibility` getter & setter Add `visibility` & `visibility=` methods to the `Gitlab::VisibilityLevel` module so the `visibility_level` can be get/set with a string value. 2017-03-01 15:23:00 -05:00			`visibility_level_value == PUBLIC`
			`end`

			`def visibility_level_value`
			`self[visibility_level_field]`
			`end`

			`def visibility`
			`Gitlab::VisibilityLevel.string_level(visibility_level_value)`
			`end`

			`def visibility=(level)`
			`self[visibility_level_field] = Gitlab::VisibilityLevel.level_value(level)`
Adding authenticated public mode (internal). Added visibility_level icons to project view (rather than just text). Added public projects to search results. Added ability to restrict visibility levels standard users can set. 2013-11-06 10:13:21 -05:00			`end`
			`end`
			`end`