Commit graph

11 commits

Author SHA1 Message Date
Roger Rüttimann
bc7877e8c1 show only groups an admin is a member of in dashboards/grops 2018-05-01 09:24:21 +00:00
Robert Speicher
72a7b30c9f Change all :empty_project to :project 2017-08-02 17:47:31 -04:00
Toon Claes
aeaf58609b Make the GroupFinder specs more strict
Ensure the results match exactly and project authorizations do allow access to
sibling groups/projects deeper down.

Also apply WHERE scopes before running the UNION, to increase performance.
2017-06-15 08:46:34 +02:00
Toon Claes
ef1811f4bc Subgroups page should show groups authorized through inheritance
When a user is authorized to a group, they are also authorized to see all the
ancestor groups and descendant groups.

When a user is authorized to a project, they are authorized to see all the
ancestor groups too.

Closes #32135

See merge request !11764
2017-06-15 08:46:34 +02:00
Douwe Maan
ea4eb46047 Merge branch 'tc-fix-private-subgroups-shown' into 'security'
Use GroupsFinder to find subgroups the user has access to

See merge request !2096
2017-05-10 16:48:18 +02:00
Zeger-Jan van de Weg
b959ae553b Improve group visibility level feature 2016-03-18 16:58:04 -03:00
Felipe Artur
0a7f716119 Code fixes 2016-03-17 19:42:46 -03:00
Felipe Artur
f2a9ee258e Add permission level to groups 2016-03-10 10:38:36 -03:00
Valery Sizov
8b18449125 remove public field from namespace and refactoring 2016-01-04 16:00:29 +02:00
Yorick Peterse
2110247f83 Refactoed GroupsFinder into two separate classes
In the previous setup the GroupsFinder class had two distinct tasks:

1. Finding the projects user A could see
2. Finding the projects of user A that user B could see

Task two was actually handled outside of the GroupsFinder (in the
UsersController) by restricting the returned list of groups to those the
viewed user was a member of. Moving all this logic into a single finder
proved to be far too complex and confusing, hence there are now two
finders:

* GroupsFinder: for finding groups a user can see
* JoinedGroupsFinder: for finding groups that user A is a member of,
  restricted to either public groups or groups user B can also see.
2015-11-18 13:05:45 +01:00
Yorick Peterse
b4646391ee Renamed GroupsFinder spec file so the name matches 2015-11-18 13:05:45 +01:00
Renamed from spec/finders/group_finder_spec.rb (Browse further)