Add min_access_level filter to groups API
Signed-off-by: Marko, Peter <peter.marko@siemens.com>
This commit is contained in:
parent
5dadd8bd94
commit
9cdf4292c5
|
@ -8,6 +8,7 @@
|
|||
# owned: boolean
|
||||
# parent: Group
|
||||
# all_available: boolean (defaults to true)
|
||||
# min_access_level: integer
|
||||
#
|
||||
# Users with full private access can see all groups. The `owned` and `parent`
|
||||
# params can be used to restrict the groups that are returned.
|
||||
|
@ -39,6 +40,7 @@ class GroupsFinder < UnionFinder
|
|||
|
||||
def all_groups
|
||||
return [owned_groups] if params[:owned]
|
||||
return [groups_with_min_access_level] if min_access_level?
|
||||
return [Group.all] if current_user&.full_private_access? && all_available?
|
||||
|
||||
groups = []
|
||||
|
@ -56,6 +58,16 @@ class GroupsFinder < UnionFinder
|
|||
current_user.groups
|
||||
end
|
||||
|
||||
def groups_with_min_access_level
|
||||
groups = current_user
|
||||
.groups
|
||||
.where('members.access_level >= ?', params[:min_access_level])
|
||||
|
||||
Gitlab::GroupHierarchy
|
||||
.new(groups)
|
||||
.base_and_descendants
|
||||
end
|
||||
|
||||
def by_parent(groups)
|
||||
return groups unless params[:parent]
|
||||
|
||||
|
@ -73,4 +85,8 @@ class GroupsFinder < UnionFinder
|
|||
def all_available?
|
||||
params.fetch(:all_available, true)
|
||||
end
|
||||
|
||||
def min_access_level?
|
||||
current_user && params[:min_access_level].present?
|
||||
end
|
||||
end
|
||||
|
|
|
@ -10,13 +10,14 @@ Parameters:
|
|||
| Attribute | Type | Required | Description |
|
||||
| --------- | ---- | -------- | ----------- |
|
||||
| `skip_groups` | array of integers | no | Skip the group IDs passed |
|
||||
| `all_available` | boolean | no | Show all the groups you have access to (defaults to `false` for authenticated users, `true` for admin) |
|
||||
| `all_available` | boolean | no | Show all the groups you have access to (defaults to `false` for authenticated users, `true` for admin); Attributes `owned` and `min_access_level` have precedence |
|
||||
| `search` | string | no | Return the list of authorized groups matching the search criteria |
|
||||
| `order_by` | string | no | Order groups by `name`, `path` or `id`. Default is `name` |
|
||||
| `sort` | string | no | Order groups in `asc` or `desc` order. Default is `asc` |
|
||||
| `statistics` | boolean | no | Include group statistics (admins only) |
|
||||
| `with_custom_attributes` | boolean | no | Include [custom attributes](custom_attributes.md) in response (admins only) |
|
||||
| `owned` | boolean | no | Limit to groups owned by the current user |
|
||||
| `owned` | boolean | no | Limit to groups explicitly owned by the current user |
|
||||
| `min_access_level` | integer | no | Limit to groups where current user has at least this [access level](members.md) |
|
||||
|
||||
```
|
||||
GET /groups
|
||||
|
@ -94,13 +95,14 @@ Parameters:
|
|||
| --------- | ---- | -------- | ----------- |
|
||||
| `id` | integer/string | yes | The ID or [URL-encoded path of the group](README.md#namespaced-path-encoding) of the parent group |
|
||||
| `skip_groups` | array of integers | no | Skip the group IDs passed |
|
||||
| `all_available` | boolean | no | Show all the groups you have access to (defaults to `false` for authenticated users, `true` for admin) |
|
||||
| `all_available` | boolean | no | Show all the groups you have access to (defaults to `false` for authenticated users, `true` for admin); Attributes `owned` and `min_access_level` have precedence |
|
||||
| `search` | string | no | Return the list of authorized groups matching the search criteria |
|
||||
| `order_by` | string | no | Order groups by `name`, `path` or `id`. Default is `name` |
|
||||
| `sort` | string | no | Order groups in `asc` or `desc` order. Default is `asc` |
|
||||
| `statistics` | boolean | no | Include group statistics (admins only) |
|
||||
| `with_custom_attributes` | boolean | no | Include [custom attributes](custom_attributes.md) in response (admins only) |
|
||||
| `owned` | boolean | no | Limit to groups owned by the current user |
|
||||
| `owned` | boolean | no | Limit to groups explicitly owned by the current user |
|
||||
| `min_access_level` | integer | no | Limit to groups where current user has at least this [access level](members.md) |
|
||||
|
||||
```
|
||||
GET /groups/:id/subgroups
|
||||
|
|
|
@ -34,11 +34,12 @@ module API
|
|||
optional :owned, type: Boolean, default: false, desc: 'Limit by owned by authenticated user'
|
||||
optional :order_by, type: String, values: %w[name path id], default: 'name', desc: 'Order by name, path or id'
|
||||
optional :sort, type: String, values: %w[asc desc], default: 'asc', desc: 'Sort by asc (ascending) or desc (descending)'
|
||||
optional :min_access_level, type: Integer, values: Gitlab::Access.all_values, desc: 'Minimum access level of authenticated user'
|
||||
use :pagination
|
||||
end
|
||||
|
||||
def find_groups(params, parent_id = nil)
|
||||
find_params = params.slice(:all_available, :custom_attributes, :owned)
|
||||
find_params = params.slice(:all_available, :custom_attributes, :owned, :min_access_level)
|
||||
find_params[:parent] = find_group!(parent_id) if parent_id
|
||||
find_params[:all_available] =
|
||||
find_params.fetch(:all_available, current_user&.full_private_access?)
|
||||
|
|
|
@ -226,6 +226,25 @@ describe API::Groups do
|
|||
expect(json_response.first['name']).to eq(group2.name)
|
||||
end
|
||||
end
|
||||
|
||||
context 'when using min_access_level in the request' do
|
||||
let!(:group3) { create(:group, :private) }
|
||||
let(:response_groups) { json_response.map { |group| group['id'] } }
|
||||
|
||||
before do
|
||||
group1.add_developer(user2)
|
||||
group3.add_master(user2)
|
||||
end
|
||||
|
||||
it 'returns an array of groups the user has at least master access' do
|
||||
get api('/groups', user2), min_access_level: 40
|
||||
|
||||
expect(response).to have_gitlab_http_status(200)
|
||||
expect(response).to include_pagination_headers
|
||||
expect(json_response).to be_an Array
|
||||
expect(response_groups).to eq([group2.id, group3.id])
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe "GET /groups/:id" do
|
||||
|
|
Loading…
Reference in New Issue