Commit graph

12 commits

Author SHA1 Message Date
Toon Claes
aeaf58609b Make the GroupFinder specs more strict
Ensure the results match exactly and project authorizations do allow access to
sibling groups/projects deeper down.

Also apply WHERE scopes before running the UNION, to increase performance.
2017-06-15 08:46:34 +02:00
Toon Claes
ef1811f4bc Subgroups page should show groups authorized through inheritance
When a user is authorized to a group, they are also authorized to see all the
ancestor groups and descendant groups.

When a user is authorized to a project, they are authorized to see all the
ancestor groups too.

Closes #32135

See merge request !11764
2017-06-15 08:46:34 +02:00
Douwe Maan
ea4eb46047 Merge branch 'tc-fix-private-subgroups-shown' into 'security'
Use GroupsFinder to find subgroups the user has access to

See merge request !2096
2017-05-10 16:48:18 +02:00
Dmitriy Zaporozhets
2989192d1a
Store group and project full name and full path in routes table
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2017-02-08 19:14:29 +02:00
Douwe Maan
8db1292139 Tweaks, refactoring, and specs 2016-03-20 21:04:07 +01:00
Felipe Artur
0a7f716119 Code fixes 2016-03-17 19:42:46 -03:00
Felipe Artur
5551ccd720 Code improvements 2016-03-10 10:38:36 -03:00
Felipe Artur
f2a9ee258e Add permission level to groups 2016-03-10 10:38:36 -03:00
Valery Sizov
8b18449125 remove public field from namespace and refactoring 2016-01-04 16:00:29 +02:00
Yorick Peterse
2110247f83 Refactoed GroupsFinder into two separate classes
In the previous setup the GroupsFinder class had two distinct tasks:

1. Finding the projects user A could see
2. Finding the projects of user A that user B could see

Task two was actually handled outside of the GroupsFinder (in the
UsersController) by restricting the returned list of groups to those the
viewed user was a member of. Moving all this logic into a single finder
proved to be far too complex and confusing, hence there are now two
finders:

* GroupsFinder: for finding groups a user can see
* JoinedGroupsFinder: for finding groups that user A is a member of,
  restricted to either public groups or groups user B can also see.
2015-11-18 13:05:45 +01:00
Valery Sizov
6051c28fc0 Allow groups to appear in the search results if the group owner allows it 2015-11-05 13:18:51 +02:00
Dmitriy Zaporozhets
4ca6ebf017
Add GroupFinder for collection all groups user has access to
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
2014-06-05 20:36:59 +03:00