Merge branch '41981-allow-group-owner-to-enable-runners-from-subgroups' into 'master'
Resolve "Group owner cannot enable/disable specific-runners which was registered in a project under a subgroup" Closes #41981 See merge request gitlab-org/gitlab-ce!18009
This commit is contained in:
commit
f22df3e9c1
|
@ -993,7 +993,7 @@ class User < ActiveRecord::Base
|
|||
def ci_authorized_runners
|
||||
@ci_authorized_runners ||= begin
|
||||
runner_ids = Ci::RunnerProject
|
||||
.where("ci_runner_projects.project_id IN (#{ci_projects_union.to_sql})") # rubocop:disable GitlabSecurity/SqlInjection
|
||||
.where(project: authorized_projects(Gitlab::Access::MASTER))
|
||||
.select(:runner_id)
|
||||
Ci::Runner.specific.where(id: runner_ids)
|
||||
end
|
||||
|
@ -1204,15 +1204,6 @@ class User < ActiveRecord::Base
|
|||
], remove_duplicates: false)
|
||||
end
|
||||
|
||||
def ci_projects_union
|
||||
scope = { access_level: [Gitlab::Access::MASTER, Gitlab::Access::OWNER] }
|
||||
groups = groups_projects.where(members: scope)
|
||||
other = projects.where(members: scope)
|
||||
|
||||
Gitlab::SQL::Union.new([personal_projects.select(:id), groups.select(:id),
|
||||
other.select(:id)])
|
||||
end
|
||||
|
||||
# Added according to https://github.com/plataformatec/devise/blob/7df57d5081f9884849ca15e4fde179ef164a575f/README.md#activejob-integration
|
||||
def send_devise_notification(notification, *args)
|
||||
return true unless can?(:receive_notifications)
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: 'Allow group owner to enable runners from subgroups (#41981)'
|
||||
merge_request: 18009
|
||||
author:
|
||||
type: fixed
|
|
@ -1850,6 +1850,21 @@ describe User do
|
|||
|
||||
it_behaves_like :member
|
||||
end
|
||||
|
||||
context 'with subgroup with different owner for project runner', :nested_groups do
|
||||
let(:group) { create(:group) }
|
||||
let(:another_user) { create(:user) }
|
||||
let(:subgroup) { create(:group, parent: group) }
|
||||
let(:project) { create(:project, group: subgroup) }
|
||||
|
||||
def add_user(access)
|
||||
group.add_user(user, access)
|
||||
group.add_user(another_user, :owner)
|
||||
subgroup.add_user(another_user, :owner)
|
||||
end
|
||||
|
||||
it_behaves_like :member
|
||||
end
|
||||
end
|
||||
|
||||
describe '#projects_with_reporter_access_limited_to' do
|
||||
|
|
Loading…
Reference in New Issue