gitlab-org--gitlab-foss/app/models/project_team.rb

class ProjectTeam
  attr_accessor :project

  def initialize(project)
    @project = project
  end

  # Shortcut to add users
  #
  # Use:
  #   @team << [@user, :master]
  #   @team << [@users, :master]
  #
  def <<(args)
    users, access, current_user = *args

    if users.respond_to?(:each)
      add_users(users, access, current_user)
    else
      add_user(users, access, current_user)
    end
  end

  def find_member(user_id)
    member = project.members.non_request.find_by(user_id: user_id)

    # If user is not in project members
    # we should check for group membership
    if group && !member
      member = group.members.non_request.find_by(user_id: user_id)
    end

    member
  end

  def add_users(users, access, current_user = nil)
    ProjectMember.add_users_into_projects(
      [project.id],
      users,
      access,
      current_user
    )
  end

  def add_user(user, access, current_user = nil)
    add_users([user], access, current_user)
  end

  # Remove all users from project team
  def truncate
    ProjectMember.truncate_team(project)
  end

  def members
    @members ||= fetch_members
  end
  alias_method :users, :members

  def guests
    @guests ||= fetch_members(:guests)
  end

  def reporters
    @reporters ||= fetch_members(:reporters)
  end

  def developers
    @developers ||= fetch_members(:developers)
  end

  def masters
    @masters ||= fetch_members(:masters)
  end

  def import(source_project, current_user = nil)
    target_project = project

    source_members = source_project.project_members.to_a
    target_user_ids = target_project.project_members.pluck(:user_id)

    source_members.reject! do |member|
      # Skip if user already present in team
      !member.invite? && target_user_ids.include?(member.user_id)
    end

    source_members.map! do |member|
      new_member = member.dup
      new_member.id = nil
      new_member.source = target_project
      new_member.created_by = current_user
      new_member
    end

    ProjectMember.transaction do
      source_members.each do |member|
        member.save
      end
    end

    true
  rescue
    false
  end

  def guest?(user)
    max_member_access(user.id) == Gitlab::Access::GUEST
  end

  def reporter?(user)
    max_member_access(user.id) == Gitlab::Access::REPORTER
  end

  def developer?(user)
    max_member_access(user.id) == Gitlab::Access::DEVELOPER
  end

  def master?(user)
    max_member_access(user.id) == Gitlab::Access::MASTER
  end

  def member?(user, min_member_access = nil)
    member = !!find_member(user.id)

    if min_member_access
      member && max_member_access(user.id) >= min_member_access
    else
      member
    end
  end

  def human_max_access(user_id)
    Gitlab::Access.options_with_owner.key(max_member_access(user_id))
  end

  # This method assumes project and group members are eager loaded for optimal
  # performance.
  def max_member_access(user_id)
    access = []

    project.members.non_request.each do |member|
      if member.user_id == user_id
        access << member.access_field if member.access_field
        break
      end
    end

    if group
      group.members.non_request.each do |member|
        if member.user_id == user_id
          access << member.access_field if member.access_field
          break
        end
      end
    end

    if project.invited_groups.any? && project.allowed_to_share_with_group?
      access << max_invited_level(user_id)
    end

    access.compact.max
  end

  private

  def max_invited_level(user_id)
    project.project_group_links.map do |group_link|
      invited_group = group_link.group
      access = invited_group.group_members.find_by(user_id: user_id).try(:access_field)

      # If group member has higher access level we should restrict it
      # to max allowed access level
      if access && access > group_link.group_access
        access = group_link.group_access
      end

      access
    end.compact.max
  end

  def fetch_members(level = nil)
    project_members = project.members.non_request
    group_members = group ? group.members.non_request : []
    invited_members = []

    if project.invited_groups.any? && project.allowed_to_share_with_group?
      project.project_group_links.each do |group_link|
        invited_group = group_link.group
        im = invited_group.members.non_request

        if level
          int_level = GroupMember.access_level_roles[level.to_s.singularize.titleize]

          # Skip group members if we ask for masters
          # but max group access is developers
          next if int_level > group_link.group_access

          # If we ask for developers and max
          # group access is developers we need to provide
          # both group master, developers as devs
          if int_level == group_link.group_access
            im.where("access_level >= ?)", group_link.group_access)
          else
            im.send(level)
          end
        end

        invited_members << im
      end

      invited_members = invited_members.flatten.compact
    end

    if level
      project_members = project_members.send(level)
      group_members = group_members.send(level) if group
    end

    user_ids = project_members.pluck(:user_id)
    user_ids.push(*invited_members.map(&:user_id)) if invited_members.any?
    user_ids.push(*group_members.pluck(:user_id)) if group

    User.where(id: user_ids)
  end

  def group
    project.group
  end
end
Rename Team class to ProjectTeam 2013-01-19 13:52:55 -05:00			`class ProjectTeam`
REpostiry, Team models 2013-01-03 14:09:18 -05:00			`attr_accessor :project`

			`def initialize(project)`
			`@project = project`
Continue refactoring. Use repostory and team 2013-01-04 01:43:25 -05:00			`end`

			`# Shortcut to add users`
			`#`
			`# Use:`
			`# @team << [@user, :master]`
			`# @team << [@users, :master]`
			`#`
Add parenthesis to function def with arguments. 2014-09-25 18:07:40 -04:00			`def <<(args)`
Track who created a group or project member. 2015-04-10 08:46:09 -04:00			`users, access, current_user = *args`
Continue refactoring. Use repostory and team 2013-01-04 01:43:25 -05:00
			`if users.respond_to?(:each)`
Track who created a group or project member. 2015-04-10 08:46:09 -04:00			`add_users(users, access, current_user)`
Continue refactoring. Use repostory and team 2013-01-04 01:43:25 -05:00			`else`
Track who created a group or project member. 2015-04-10 08:46:09 -04:00			`add_user(users, access, current_user)`
Continue refactoring. Use repostory and team 2013-01-04 01:43:25 -05:00			`end`
REpostiry, Team models 2013-01-03 14:09:18 -05:00			`end`

Use `member` instead of `tm`. 2015-03-13 11:23:45 -04:00			`def find_member(user_id)`
UI and copywriting improvements + Move 'Edit Project/Group' out of membership-related partial + Show the access request buttons only to logged-in users + Put the request access buttons out of in a more visible button + Improve the copy in the #remove_member_message helper Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-06-02 12:05:06 -04:00			`member = project.members.non_request.find_by(user_id: user_id)`
Improve admin user show page Show permissions for all project. Add ability to remove user from group if not an owner Remove unnecessary admin controller 2013-08-27 14:35:41 -04:00
			`# If user is not in project members`
			`# we should check for group membership`
Use `member` instead of `tm`. 2015-03-13 11:23:45 -04:00			`if group && !member`
UI and copywriting improvements + Move 'Edit Project/Group' out of membership-related partial + Show the access request buttons only to logged-in users + Put the request access buttons out of in a more visible button + Improve the copy in the #remove_member_message helper Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-06-02 12:05:06 -04:00			`member = group.members.non_request.find_by(user_id: user_id)`
Improve admin user show page Show permissions for all project. Add ability to remove user from group if not an owner Remove unnecessary admin controller 2013-08-27 14:35:41 -04:00			`end`

Use `member` instead of `tm`. 2015-03-13 11:23:45 -04:00			`member`
Fix routing. Finalize user show page 2013-01-22 12:45:13 -05:00			`end`

Track who created a group or project member. 2015-04-10 08:46:09 -04:00			`def add_users(users, access, current_user = nil)`
Huge replace of old users_project and users_group references Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-09-14 12:32:51 -04:00			`ProjectMember.add_users_into_projects(`
REpostiry, Team models 2013-01-03 14:09:18 -05:00			`[project.id],`
Track who created a group or project member. 2015-04-10 08:46:09 -04:00			`users,`
			`access,`
			`current_user`
REpostiry, Team models 2013-01-03 14:09:18 -05:00			`)`
			`end`

Track who created a group or project member. 2015-04-10 08:46:09 -04:00			`def add_user(user, access, current_user = nil)`
			`add_users([user], access, current_user)`
			`end`

REpostiry, Team models 2013-01-03 14:09:18 -05:00			`# Remove all users from project team`
			`def truncate`
Huge replace of old users_project and users_group references Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-09-14 12:32:51 -04:00			`ProjectMember.truncate_team(project)`
REpostiry, Team models 2013-01-03 14:09:18 -05:00			`end`

			`def members`
cache project.team.members 2013-06-22 05:57:05 -04:00			`@members \|\|= fetch_members`
REpostiry, Team models 2013-01-03 14:09:18 -05:00			`end`
Add request access for groups Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-04-18 12:53:32 -04:00			`alias_method :users, :members`
REpostiry, Team models 2013-01-03 14:09:18 -05:00
			`def guests`
Add UsersGroup relation to be respected by abilities and Project#team 2013-06-17 07:17:32 -04:00			`@guests \|\|= fetch_members(:guests)`
REpostiry, Team models 2013-01-03 14:09:18 -05:00			`end`

			`def reporters`
Add UsersGroup relation to be respected by abilities and Project#team 2013-06-17 07:17:32 -04:00			`@reporters \|\|= fetch_members(:reporters)`
REpostiry, Team models 2013-01-03 14:09:18 -05:00			`end`

			`def developers`
Add UsersGroup relation to be respected by abilities and Project#team 2013-06-17 07:17:32 -04:00			`@developers \|\|= fetch_members(:developers)`
REpostiry, Team models 2013-01-03 14:09:18 -05:00			`end`

			`def masters`
Add UsersGroup relation to be respected by abilities and Project#team 2013-06-17 07:17:32 -04:00			`@masters \|\|= fetch_members(:masters)`
REpostiry, Team models 2013-01-03 14:09:18 -05:00			`end`
Continue refactoring. Use repostory and team 2013-01-04 01:43:25 -05:00
Track who created a group or project member. 2015-04-10 08:46:09 -04:00			`def import(source_project, current_user = nil)`
Continue refactoring. Use repostory and team 2013-01-04 01:43:25 -05:00			`target_project = project`

Use `member` instead of `tm`. 2015-03-13 11:23:45 -04:00			`source_members = source_project.project_members.to_a`
Huge replace of old users_project and users_group references Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-09-14 12:32:51 -04:00			`target_user_ids = target_project.project_members.pluck(:user_id)`
Continue refactoring. Use repostory and team 2013-01-04 01:43:25 -05:00
Use `member` instead of `tm`. 2015-03-13 11:23:45 -04:00			`source_members.reject! do \|member\|`
Continue refactoring. Use repostory and team 2013-01-04 01:43:25 -05:00			`# Skip if user already present in team`
Correctly import invited members. 2015-04-10 09:26:53 -04:00			`!member.invite? && target_user_ids.include?(member.user_id)`
Continue refactoring. Use repostory and team 2013-01-04 01:43:25 -05:00			`end`

Use `member` instead of `tm`. 2015-03-13 11:23:45 -04:00			`source_members.map! do \|member\|`
			`new_member = member.dup`
			`new_member.id = nil`
			`new_member.source = target_project`
Track who created a group or project member. 2015-04-10 08:46:09 -04:00			`new_member.created_by = current_user`
Use `member` instead of `tm`. 2015-03-13 11:23:45 -04:00			`new_member`
Continue refactoring. Use repostory and team 2013-01-04 01:43:25 -05:00			`end`

Huge replace of old users_project and users_group references Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-09-14 12:32:51 -04:00			`ProjectMember.transaction do`
Use `member` instead of `tm`. 2015-03-13 11:23:45 -04:00			`source_members.each do \|member\|`
			`member.save`
Continue refactoring. Use repostory and team 2013-01-04 01:43:25 -05:00			`end`
			`end`

			`true`
			`rescue`
			`false`
			`end`
Add UsersGroup relation to be respected by abilities and Project#team 2013-06-17 07:17:32 -04:00
Improve performance of application for large teams This commit fixes a lot of sql queries to db for for groups and projects with big amount of members. Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-04 04:52:17 -04:00			`def guest?(user)`
Use `member` instead of `tm`. 2015-03-13 11:23:45 -04:00			`max_member_access(user.id) == Gitlab::Access::GUEST`
Improve performance of application for large teams This commit fixes a lot of sql queries to db for for groups and projects with big amount of members. Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-04 04:52:17 -04:00			`end`

			`def reporter?(user)`
Use `member` instead of `tm`. 2015-03-13 11:23:45 -04:00			`max_member_access(user.id) == Gitlab::Access::REPORTER`
Improve performance of application for large teams This commit fixes a lot of sql queries to db for for groups and projects with big amount of members. Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-04 04:52:17 -04:00			`end`

			`def developer?(user)`
Use `member` instead of `tm`. 2015-03-13 11:23:45 -04:00			`max_member_access(user.id) == Gitlab::Access::DEVELOPER`
Improve performance of application for large teams This commit fixes a lot of sql queries to db for for groups and projects with big amount of members. Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-04 04:52:17 -04:00			`end`

			`def master?(user)`
Use `member` instead of `tm`. 2015-03-13 11:23:45 -04:00			`max_member_access(user.id) == Gitlab::Access::MASTER`
Fix permission issue with highest access level for group If user was a member of both group and project and group access level was higher it was not respected and user got lowest project access level. Now it is fixed and user get highest access level Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-20 05:54:03 -04:00			`end`

Project members with guest role can't access confidential issues 2016-06-06 15:13:31 -04:00			`def member?(user, min_member_access = nil)`
			`member = !!find_member(user.id)`

			`if min_member_access`
			`member && max_member_access(user.id) >= min_member_access`
			`else`
			`member`
			`end`
Snippets: public/internal/private 2014-10-08 09:44:25 -04:00			`end`

UI and copywriting improvements + Move 'Edit Project/Group' out of membership-related partial + Show the access request buttons only to logged-in users + Put the request access buttons out of in a more visible button + Improve the copy in the #remove_member_message helper Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-06-02 12:05:06 -04:00			`def human_max_access(user_id)`
			`Gitlab::Access.options_with_owner.key(max_member_access(user_id))`
			`end`

Improve ProjectTeam#max_member_access performance By comparing objects in Ruby we can greatly improve the performance of this method. In the worst case (should no data be eager loaded) this will run the same amount of queries as before, in the best case (when data _is_ eager loadeD) it requires no queries at all. The added benchmark used to produce around 273 iterations per second. With this commit this has been increased to almost 40 000 iterations per second: a speedup of roughly 145 times. Combined with eager loading Note associations this results in about 30 queries less when viewing a single issue, this in turn cuts down the loading time by 30-40%. 2015-10-14 08:54:04 -04:00			`# This method assumes project and group members are eager loaded for optimal`
			`# performance.`
Use `member` instead of `tm`. 2015-03-13 11:23:45 -04:00			`def max_member_access(user_id)`
Fix permission issue with highest access level for group If user was a member of both group and project and group access level was higher it was not respected and user got lowest project access level. Now it is fixed and user get highest access level Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-20 05:54:03 -04:00			`access = []`
Improve ProjectTeam#max_member_access performance By comparing objects in Ruby we can greatly improve the performance of this method. In the worst case (should no data be eager loaded) this will run the same amount of queries as before, in the best case (when data _is_ eager loadeD) it requires no queries at all. The added benchmark used to produce around 273 iterations per second. With this commit this has been increased to almost 40 000 iterations per second: a speedup of roughly 145 times. Combined with eager loading Note associations this results in about 30 queries less when viewing a single issue, this in turn cuts down the loading time by 30-40%. 2015-10-14 08:54:04 -04:00
UI and copywriting improvements + Move 'Edit Project/Group' out of membership-related partial + Show the access request buttons only to logged-in users + Put the request access buttons out of in a more visible button + Improve the copy in the #remove_member_message helper Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-06-02 12:05:06 -04:00			`project.members.non_request.each do \|member\|`
Improve ProjectTeam#max_member_access performance By comparing objects in Ruby we can greatly improve the performance of this method. In the worst case (should no data be eager loaded) this will run the same amount of queries as before, in the best case (when data _is_ eager loadeD) it requires no queries at all. The added benchmark used to produce around 273 iterations per second. With this commit this has been increased to almost 40 000 iterations per second: a speedup of roughly 145 times. Combined with eager loading Note associations this results in about 30 queries less when viewing a single issue, this in turn cuts down the loading time by 30-40%. 2015-10-14 08:54:04 -04:00			`if member.user_id == user_id`
			`access << member.access_field if member.access_field`
			`break`
			`end`
			`end`
Fix permission issue with highest access level for group If user was a member of both group and project and group access level was higher it was not respected and user got lowest project access level. Now it is fixed and user get highest access level Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-20 05:54:03 -04:00
			`if group`
UI and copywriting improvements + Move 'Edit Project/Group' out of membership-related partial + Show the access request buttons only to logged-in users + Put the request access buttons out of in a more visible button + Improve the copy in the #remove_member_message helper Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-06-02 12:05:06 -04:00			`group.members.non_request.each do \|member\|`
Improve ProjectTeam#max_member_access performance By comparing objects in Ruby we can greatly improve the performance of this method. In the worst case (should no data be eager loaded) this will run the same amount of queries as before, in the best case (when data _is_ eager loadeD) it requires no queries at all. The added benchmark used to produce around 273 iterations per second. With this commit this has been increased to almost 40 000 iterations per second: a speedup of roughly 145 times. Combined with eager loading Note associations this results in about 30 queries less when viewing a single issue, this in turn cuts down the loading time by 30-40%. 2015-10-14 08:54:04 -04:00			`if member.user_id == user_id`
			`access << member.access_field if member.access_field`
			`break`
			`end`
			`end`
Fix permission issue with highest access level for group If user was a member of both group and project and group access level was higher it was not respected and user got lowest project access level. Now it is fixed and user get highest access level Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-20 05:54:03 -04:00			`end`

Allow users to access project shared with their group Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2016-03-11 12:46:01 -05:00			`if project.invited_groups.any? && project.allowed_to_share_with_group?`
			`access << max_invited_level(user_id)`
			`end`

			`access.compact.max`
			`end`

Add request access for groups Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-04-18 12:53:32 -04:00			`private`
Allow users to access project shared with their group Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2016-03-11 12:46:01 -05:00
			`def max_invited_level(user_id)`
			`project.project_group_links.map do \|group_link\|`
			`invited_group = group_link.group`
			`access = invited_group.group_members.find_by(user_id: user_id).try(:access_field)`

			`# If group member has higher access level we should restrict it`
			`# to max allowed access level`
			`if access && access > group_link.group_access`
			`access = group_link.group_access`
			`end`

			`access`
			`end.compact.max`
Improve performance of application for large teams This commit fixes a lot of sql queries to db for for groups and projects with big amount of members. Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-04 04:52:17 -04:00			`end`

Add UsersGroup relation to be respected by abilities and Project#team 2013-06-17 07:17:32 -04:00			`def fetch_members(level = nil)`
UI and copywriting improvements + Move 'Edit Project/Group' out of membership-related partial + Show the access request buttons only to logged-in users + Put the request access buttons out of in a more visible button + Improve the copy in the #remove_member_message helper Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-06-02 12:05:06 -04:00			`project_members = project.members.non_request`
			`group_members = group ? group.members.non_request : []`
Allow users to access project shared with their group Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2016-03-11 12:46:01 -05:00			`invited_members = []`

			`if project.invited_groups.any? && project.allowed_to_share_with_group?`
			`project.project_group_links.each do \|group_link\|`
			`invited_group = group_link.group`
UI and copywriting improvements + Move 'Edit Project/Group' out of membership-related partial + Show the access request buttons only to logged-in users + Put the request access buttons out of in a more visible button + Improve the copy in the #remove_member_message helper Signed-off-by: Rémy Coutable <remy@rymai.me> 2016-06-02 12:05:06 -04:00			`im = invited_group.members.non_request`
Allow users to access project shared with their group Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2016-03-11 12:46:01 -05:00
			`if level`
			`int_level = GroupMember.access_level_roles[level.to_s.singularize.titleize]`

			`# Skip group members if we ask for masters`
			`# but max group access is developers`
			`next if int_level > group_link.group_access`

			`# If we ask for developers and max`
			`# group access is developers we need to provide`
			`# both group master, developers as devs`
			`if int_level == group_link.group_access`
			`im.where("access_level >= ?)", group_link.group_access)`
			`else`
			`im.send(level)`
			`end`
			`end`

			`invited_members << im`
			`end`

			`invited_members = invited_members.flatten.compact`
			`end`
Add UsersGroup relation to be respected by abilities and Project#team 2013-06-17 07:17:32 -04:00
			`if level`
			`project_members = project_members.send(level)`
Project Team now supports a non-group projects 2013-06-17 08:38:19 -04:00			`group_members = group_members.send(level) if group`
Add UsersGroup relation to be respected by abilities and Project#team 2013-06-17 07:17:32 -04:00			`end`

Prevent a lot of sql queries for ProjectTeam#fetch_members method Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-04 12:20:25 -04:00			`user_ids = project_members.pluck(:user_id)`
Allow users to access project shared with their group Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2016-03-11 12:46:01 -05:00			`user_ids.push(*invited_members.map(&:user_id)) if invited_members.any?`
Append in place for strings and arrays 2014-10-09 03:47:47 -04:00			`user_ids.push(*group_members.pluck(:user_id)) if group`
Prevent a lot of sql queries for ProjectTeam#fetch_members method Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> 2014-06-04 12:20:25 -04:00
			`User.where(id: user_ids)`
Add UsersGroup relation to be respected by abilities and Project#team 2013-06-17 07:17:32 -04:00			`end`
Project Team now supports a non-group projects 2013-06-17 08:38:19 -04:00
			`def group`
			`project.group`
			`end`
REpostiry, Team models 2013-01-03 14:09:18 -05:00			`end`