Merge branch 'rc-new-members-approve-request-access-service' into 'master'
New `Members::ApproveAccessRequestService` Part of #21979. ## Does this MR meet the acceptance criteria? - [x] API support added - Tests - [x] Added for this feature/bug - [x] All builds are passing - [ ] Conform by the [merge request performance guides](http://docs.gitlab.com/ce/development/merge_request_performance_guidelines.html) - [ ] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !6266
This commit is contained in:
commit
166c6cd85c
|
@ -1,6 +1,5 @@
|
||||||
module MembershipActions
|
module MembershipActions
|
||||||
extend ActiveSupport::Concern
|
extend ActiveSupport::Concern
|
||||||
include MembersHelper
|
|
||||||
|
|
||||||
def request_access
|
def request_access
|
||||||
membershipable.request_access(current_user)
|
membershipable.request_access(current_user)
|
||||||
|
@ -10,11 +9,7 @@ module MembershipActions
|
||||||
end
|
end
|
||||||
|
|
||||||
def approve_access_request
|
def approve_access_request
|
||||||
@member = membershipable.requesters.find(params[:id])
|
Members::ApproveAccessRequestService.new(membershipable, current_user, params).execute
|
||||||
|
|
||||||
return render_403 unless can?(current_user, action_member_permission(:update, @member), @member)
|
|
||||||
|
|
||||||
@member.accept_request
|
|
||||||
|
|
||||||
redirect_to polymorphic_url([membershipable, :members])
|
redirect_to polymorphic_url([membershipable, :members])
|
||||||
end
|
end
|
||||||
|
|
|
@ -0,0 +1,31 @@
|
||||||
|
module Members
|
||||||
|
class ApproveAccessRequestService < BaseService
|
||||||
|
include MembersHelper
|
||||||
|
|
||||||
|
attr_accessor :source
|
||||||
|
|
||||||
|
def initialize(source, current_user, params = {})
|
||||||
|
@source = source
|
||||||
|
@current_user = current_user
|
||||||
|
@params = params
|
||||||
|
end
|
||||||
|
|
||||||
|
def execute
|
||||||
|
condition = params[:user_id] ? { user_id: params[:user_id] } : { id: params[:id] }
|
||||||
|
access_requester = source.requesters.find_by!(condition)
|
||||||
|
|
||||||
|
raise Gitlab::Access::AccessDeniedError unless can_update_access_requester?(access_requester)
|
||||||
|
|
||||||
|
access_requester.access_level = params[:access_level] if params[:access_level]
|
||||||
|
access_requester.accept_request
|
||||||
|
|
||||||
|
access_requester
|
||||||
|
end
|
||||||
|
|
||||||
|
private
|
||||||
|
|
||||||
|
def can_update_access_requester?(access_requester)
|
||||||
|
access_requester && can?(current_user, action_member_permission(:update, access_requester), access_requester)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
|
@ -55,13 +55,8 @@ module API
|
||||||
put ':id/access_requests/:user_id/approve' do
|
put ':id/access_requests/:user_id/approve' do
|
||||||
required_attributes! [:user_id]
|
required_attributes! [:user_id]
|
||||||
source = find_source(source_type, params[:id])
|
source = find_source(source_type, params[:id])
|
||||||
authorize_admin_source!(source_type, source)
|
|
||||||
|
|
||||||
member = source.requesters.find_by!(user_id: params[:user_id])
|
member = ::Members::ApproveAccessRequestService.new(source, current_user, params).execute
|
||||||
if params[:access_level]
|
|
||||||
member.update(access_level: params[:access_level])
|
|
||||||
end
|
|
||||||
member.accept_request
|
|
||||||
|
|
||||||
status :created
|
status :created
|
||||||
present member.user, with: Entities::Member, member: member
|
present member.user, with: Entities::Member, member: member
|
||||||
|
|
|
@ -2,9 +2,10 @@ require 'spec_helper'
|
||||||
|
|
||||||
describe Groups::GroupMembersController do
|
describe Groups::GroupMembersController do
|
||||||
let(:user) { create(:user) }
|
let(:user) { create(:user) }
|
||||||
let(:group) { create(:group) }
|
|
||||||
|
|
||||||
describe '#index' do
|
describe '#index' do
|
||||||
|
let(:group) { create(:group) }
|
||||||
|
|
||||||
before do
|
before do
|
||||||
group.add_owner(user)
|
group.add_owner(user)
|
||||||
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
|
stub_application_setting(restricted_visibility_levels: [Gitlab::VisibilityLevel::PUBLIC])
|
||||||
|
|
|
@ -0,0 +1,96 @@
|
||||||
|
require 'spec_helper'
|
||||||
|
|
||||||
|
describe Members::ApproveAccessRequestService, services: true do
|
||||||
|
let(:user) { create(:user) }
|
||||||
|
let(:access_requester) { create(:user) }
|
||||||
|
let(:project) { create(:project, :public) }
|
||||||
|
let(:group) { create(:group, :public) }
|
||||||
|
|
||||||
|
shared_examples 'a service raising ActiveRecord::RecordNotFound' do
|
||||||
|
it 'raises ActiveRecord::RecordNotFound' do
|
||||||
|
expect { described_class.new(source, user, params).execute }.to raise_error(ActiveRecord::RecordNotFound)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
shared_examples 'a service raising Gitlab::Access::AccessDeniedError' do
|
||||||
|
it 'raises Gitlab::Access::AccessDeniedError' do
|
||||||
|
expect { described_class.new(source, user, params).execute }.to raise_error(Gitlab::Access::AccessDeniedError)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
shared_examples 'a service approving an access request' do
|
||||||
|
it 'succeeds' do
|
||||||
|
expect { described_class.new(source, user, params).execute }.to change { source.requesters.count }.by(-1)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'returns a <Source>Member' do
|
||||||
|
member = described_class.new(source, user, params).execute
|
||||||
|
|
||||||
|
expect(member).to be_a "#{source.class.to_s}Member".constantize
|
||||||
|
expect(member.requested_at).to be_nil
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'with a custom access level' do
|
||||||
|
let(:params) { { user_id: access_requester.id, access_level: Gitlab::Access::MASTER } }
|
||||||
|
|
||||||
|
it 'returns a ProjectMember with the custom access level' do
|
||||||
|
member = described_class.new(source, user, params).execute
|
||||||
|
|
||||||
|
expect(member.access_level).to eq Gitlab::Access::MASTER
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when no access requester are found' do
|
||||||
|
let(:params) { { user_id: 42 } }
|
||||||
|
|
||||||
|
it_behaves_like 'a service raising ActiveRecord::RecordNotFound' do
|
||||||
|
let(:source) { project }
|
||||||
|
end
|
||||||
|
|
||||||
|
it_behaves_like 'a service raising ActiveRecord::RecordNotFound' do
|
||||||
|
let(:source) { group }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when an access requester is found' do
|
||||||
|
before do
|
||||||
|
project.request_access(access_requester)
|
||||||
|
group.request_access(access_requester)
|
||||||
|
end
|
||||||
|
let(:params) { { user_id: access_requester.id } }
|
||||||
|
|
||||||
|
context 'when current user cannot approve access request to the project' do
|
||||||
|
it_behaves_like 'a service raising Gitlab::Access::AccessDeniedError' do
|
||||||
|
let(:source) { project }
|
||||||
|
end
|
||||||
|
|
||||||
|
it_behaves_like 'a service raising Gitlab::Access::AccessDeniedError' do
|
||||||
|
let(:source) { group }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when current user can approve access request to the project' do
|
||||||
|
before do
|
||||||
|
project.team << [user, :master]
|
||||||
|
group.add_owner(user)
|
||||||
|
end
|
||||||
|
|
||||||
|
it_behaves_like 'a service approving an access request' do
|
||||||
|
let(:source) { project }
|
||||||
|
end
|
||||||
|
|
||||||
|
it_behaves_like 'a service approving an access request' do
|
||||||
|
let(:source) { group }
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when given a :id' do
|
||||||
|
let(:params) { { id: project.requesters.find_by!(user_id: access_requester.id).id } }
|
||||||
|
|
||||||
|
it_behaves_like 'a service approving an access request' do
|
||||||
|
let(:source) { project }
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
Loading…
Reference in New Issue