Merge branch 'remove_is_admin' into 'master'

Remove the `User#is_admin?` method

Closes #30584

See merge request !10520

app/controllers/admin/application_controller.rb

@@ -6,6 +6,6 @@ class Admin::ApplicationController < ApplicationController
   layout 'admin'
 
   def authenticate_admin!
-    render_404 unless current_user.is_admin?
+    render_404 unless current_user.admin?
   end
 end

app/controllers/admin/impersonations_controller.rb

@@ -21,6 +21,6 @@ class Admin::ImpersonationsController < Admin::ApplicationController
   end
 
   def authenticate_impersonator!
-    render_404 unless impersonator && impersonator.is_admin? && !impersonator.blocked?
+    render_404 unless impersonator && impersonator.admin? && !impersonator.blocked?
   end
 end

app/helpers/visibility_level_helper.rb

@@ -85,7 +85,7 @@ module VisibilityLevelHelper
   end
 
   def restricted_visibility_levels(show_all = false)
-    return [] if current_user.is_admin? && !show_all
+    return [] if current_user.admin? && !show_all
     current_application_settings.restricted_visibility_levels || []
   end
 

app/models/user.rb

@@ -555,10 +555,6 @@ class User < ActiveRecord::Base
     authorized_projects(Gitlab::Access::REPORTER).non_archived.with_issues_enabled
   end
 
-  def is_admin?
-    admin
-  end
-
   def require_ssh_key?
     keys.count == 0 && Gitlab::ProtocolAccess.allowed?('ssh')
   end

app/policies/ci/runner_policy.rb

@@ -3,7 +3,7 @@ module Ci
     def rules
       return unless @user
 
-      can! :assign_runner if @user.is_admin?
+      can! :assign_runner if @user.admin?
 
       return if @subject.is_shared? || @subject.locked?
 

app/services/users/create_service.rb

@@ -11,7 +11,7 @@ module Users
 
       user = User.new(build_user_params)
 
-      if current_user&.is_admin?
+      if current_user&.admin?
         if params[:reset_password]
           @reset_token = user.generate_reset_token
           params[:force_random_password] = true
@@ -47,7 +47,7 @@ module Users
     private
 
     def can_create_user?
-      (current_user.nil? && current_application_settings.signup_enabled?) || current_user&.is_admin?
+      (current_user.nil? && current_application_settings.signup_enabled?) || current_user&.admin?
     end
 
     # Allowed params for creating a user (admins only)
@@ -94,7 +94,7 @@ module Users
     end
 
     def build_user_params
-      if current_user&.is_admin?
+      if current_user&.admin?
         user_params = params.slice(*admin_create_params)
         user_params[:created_by_id] = current_user&.id
 

app/views/layouts/header/_default.html.haml

@@ -31,7 +31,7 @@
               %li.impersonation
                 = link_to admin_impersonation_path, method: :delete, title: "Stop impersonation", aria: { label: 'Stop impersonation' }, data: { toggle: 'tooltip', placement: 'bottom', container: 'body' } do
                   = icon('user-secret fw')
-            - if current_user.is_admin?
+            - if current_user.admin?
               %li
                 = link_to admin_root_path, title: 'Admin area', aria: { label: "Admin area" }, data: {toggle: 'tooltip', placement: 'bottom', container: 'body'} do
                   = icon('wrench fw')

changelogs/unreleased/remove_is_admin.yml

@@ -0,0 +1,4 @@
+---
+title: Remove the User#is_admin? method
+merge_request: 10520
+author: blackst0ne

lib/api/entities.rb

@@ -14,7 +14,7 @@ module API
 
     class User < UserBasic
       expose :created_at
-      expose :is_admin?, as: :is_admin
+      expose :admin?, as: :is_admin
       expose :bio, :location, :skype, :linkedin, :twitter, :website_url, :organization
     end
 
@@ -611,9 +611,9 @@ module API
       expose :locked
       expose :version, :revision, :platform, :architecture
       expose :contacted_at
-      expose :token, if: lambda { |runner, options| options[:current_user].is_admin? || !runner.is_shared? }
+      expose :token, if: lambda { |runner, options| options[:current_user].admin? || !runner.is_shared? }
       expose :projects, with: Entities::BasicProjectDetails do |runner, options|
-        if options[:current_user].is_admin?
+        if options[:current_user].admin?
           runner.projects
         else
           options[:current_user].authorized_projects.where(id: runner.projects)

lib/api/groups.rb

@@ -56,7 +56,7 @@ module API
         groups = groups.where.not(id: params[:skip_groups]) if params[:skip_groups].present?
         groups = groups.reorder(params[:order_by] => params[:sort])
 
-        present_groups groups, statistics: params[:statistics] && current_user.is_admin?
+        present_groups groups, statistics: params[:statistics] && current_user.admin?
       end
 
       desc 'Create a group. Available only for users who can create groups.' do

lib/api/helpers.rb

@@ -118,7 +118,7 @@ module API
 
     def authenticated_as_admin!
       authenticate!
-      forbidden! unless current_user.is_admin?
+      forbidden! unless current_user.admin?
     end
 
     def authorize!(action, subject = :global)
@@ -358,7 +358,7 @@ module API
       return unless sudo_identifier
       return unless initial_current_user
 
-      unless initial_current_user.is_admin?
+      unless initial_current_user.admin?
         forbidden!('Must be admin to use sudo')
       end
 

lib/api/notes.rb

@@ -78,7 +78,7 @@ module API
           }
 
           if can?(current_user, noteable_read_ability_name(noteable), noteable)
-            if params[:created_at] && (current_user.is_admin? || user_project.owner == current_user)
+            if params[:created_at] && (current_user.admin? || user_project.owner == current_user)
               opts[:created_at] = params[:created_at]
             end
 

lib/api/runners.rb

@@ -161,18 +161,18 @@ module API
       end
 
       def authenticate_show_runner!(runner)
-        return if runner.is_shared || current_user.is_admin?
+        return if runner.is_shared || current_user.admin?
         forbidden!("No access granted") unless user_can_access_runner?(runner)
       end
 
       def authenticate_update_runner!(runner)
-        return if current_user.is_admin?
+        return if current_user.admin?
         forbidden!("Runner is shared") if runner.is_shared?
         forbidden!("No access granted") unless user_can_access_runner?(runner)
       end
 
       def authenticate_delete_runner!(runner)
-        return if current_user.is_admin?
+        return if current_user.admin?
         forbidden!("Runner is shared") if runner.is_shared?
         forbidden!("Runner associated with more than one project") if runner.projects.count > 1
         forbidden!("No access granted") unless user_can_access_runner?(runner)
@@ -181,7 +181,7 @@ module API
       def authenticate_enable_runner!(runner)
         forbidden!("Runner is shared") if runner.is_shared?
         forbidden!("Runner is locked") if runner.locked?
-        return if current_user.is_admin?
+        return if current_user.admin?
         forbidden!("No access granted") unless user_can_access_runner?(runner)
       end
 

lib/api/services.rb

@@ -642,7 +642,7 @@ module API
           service_params = declared_params(include_missing: false).merge(active: true)
 
           if service.update_attributes(service_params)
-            present service, with: Entities::ProjectService, include_passwords: current_user.is_admin?
+            present service, with: Entities::ProjectService, include_passwords: current_user.admin?
           else
             render_api_error!('400 Bad Request', 400)
           end
@@ -673,7 +673,7 @@ module API
       end
       get ":id/services/:service_slug" do
         service = user_project.find_or_initialize_service(params[:service_slug].underscore)
-        present service, with: Entities::ProjectService, include_passwords: current_user.is_admin?
+        present service, with: Entities::ProjectService, include_passwords: current_user.admin?
       end
     end
 

lib/api/users.rb

@@ -56,10 +56,10 @@ module API
           users = users.active if params[:active]
           users = users.search(params[:search]) if params[:search].present?
           users = users.blocked if params[:blocked]
-          users = users.external if params[:external] && current_user.is_admin?
+          users = users.external if params[:external] && current_user.admin?
         end
 
-        entity = current_user.is_admin? ? Entities::UserPublic : Entities::UserBasic
+        entity = current_user.admin? ? Entities::UserPublic : Entities::UserBasic
         present paginate(users), with: entity
       end
 
@@ -73,7 +73,7 @@ module API
         user = User.find_by(id: params[:id])
         not_found!('User') unless user
 
-        if current_user && current_user.is_admin?
+        if current_user && current_user.admin?
           present user, with: Entities::UserPublic
         elsif can?(current_user, :read_user, user)
           present user, with: Entities::User

lib/api/v3/groups.rb

@@ -54,7 +54,7 @@ module API
           groups = groups.where.not(id: params[:skip_groups]) if params[:skip_groups].present?
           groups = groups.reorder(params[:order_by] => params[:sort])
 
-          present_groups groups, statistics: params[:statistics] && current_user.is_admin?
+          present_groups groups, statistics: params[:statistics] && current_user.admin?
         end
 
         desc 'Get list of owned groups for authenticated user' do

lib/api/v3/notes.rb

@@ -79,7 +79,7 @@ module API
             noteable = user_project.send(noteables_str.to_sym).find(params[:noteable_id])
 
             if can?(current_user, noteable_read_ability_name(noteable), noteable)
-              if params[:created_at] && (current_user.is_admin? || user_project.owner == current_user)
+              if params[:created_at] && (current_user.admin? || user_project.owner == current_user)
                 opts[:created_at] = params[:created_at]
               end
 

lib/api/v3/runners.rb

@@ -50,7 +50,7 @@ module API
 
       helpers do
         def authenticate_delete_runner!(runner)
-          return if current_user.is_admin?
+          return if current_user.admin?
           forbidden!("Runner is shared") if runner.is_shared?
           forbidden!("Runner associated with more than one project") if runner.projects.count > 1
           forbidden!("No access granted") unless user_can_access_runner?(runner)

lib/api/v3/services.rb

@@ -602,7 +602,7 @@ module API
         end
         get ":id/services/:service_slug" do
           service = user_project.find_or_initialize_service(params[:service_slug].underscore)
-          present service, with: Entities::ProjectService, include_passwords: current_user.is_admin?
+          present service, with: Entities::ProjectService, include_passwords: current_user.admin?
         end
       end
 

lib/gitlab/import_export/relation_factory.rb

@@ -186,7 +186,7 @@ module Gitlab
       end
 
       def admin_user?
-        @user.is_admin?
+        @user.admin?
       end
 
       def parsed_relation_hash

lib/gitlab/visibility_level.rb

@@ -63,7 +63,7 @@ module Gitlab
       end
 
       def allowed_for?(user, level)
-        user.is_admin? || allowed_level?(level.to_i)
+        user.admin? || allowed_level?(level.to_i)
       end
 
       # Return true if the specified level is allowed for the current user.

spec/features/admin/admin_users_spec.rb

@@ -223,7 +223,7 @@ describe "Admin::Users", feature: true do
       it "changes user entry" do
         user.reload
         expect(user.name).to eq('Big Bang')
-        expect(user.is_admin?).to be_truthy
+        expect(user.admin?).to be_truthy
         expect(user.password_expires_at).to be <= Time.now
       end
     end

spec/models/user_spec.rb

@@ -315,7 +315,7 @@ describe User, models: true do
   end
 
   describe "Respond to" do
-    it { is_expected.to respond_to(:is_admin?) }
+    it { is_expected.to respond_to(:admin?) }
     it { is_expected.to respond_to(:name) }
     it { is_expected.to respond_to(:private_token) }
     it { is_expected.to respond_to(:external?) }
@@ -586,7 +586,7 @@ describe User, models: true do
     describe 'normal user' do
       let(:user) { create(:user, name: 'John Smith') }
 
-      it { expect(user.is_admin?).to be_falsey }
+      it { expect(user.admin?).to be_falsey }
       it { expect(user.require_ssh_key?).to be_truthy }
       it { expect(user.can_create_group?).to be_truthy }
       it { expect(user.can_create_project?).to be_truthy }

spec/requests/api/session_spec.rb

@@ -13,7 +13,7 @@ describe API::Session, api: true  do
 
         expect(json_response['email']).to eq(user.email)
         expect(json_response['private_token']).to eq(user.private_token)
-        expect(json_response['is_admin']).to eq(user.is_admin?)
+        expect(json_response['is_admin']).to eq(user.admin?)
         expect(json_response['can_create_project']).to eq(user.can_create_project?)
         expect(json_response['can_create_group']).to eq(user.can_create_group?)
       end
@@ -37,7 +37,7 @@ describe API::Session, api: true  do
 
         expect(json_response['email']).to eq user.email
         expect(json_response['private_token']).to eq user.private_token
-        expect(json_response['is_admin']).to eq user.is_admin?
+        expect(json_response['is_admin']).to eq user.admin?
         expect(json_response['can_create_project']).to eq user.can_create_project?
         expect(json_response['can_create_group']).to eq user.can_create_group?
       end
@@ -50,7 +50,7 @@ describe API::Session, api: true  do
 
         expect(json_response['email']).to eq user.email
         expect(json_response['private_token']).to eq user.private_token
-        expect(json_response['is_admin']).to eq user.is_admin?
+        expect(json_response['is_admin']).to eq user.admin?
         expect(json_response['can_create_project']).to eq user.can_create_project?
         expect(json_response['can_create_group']).to eq user.can_create_group?
       end