Commit graph

18 commits

Author SHA1 Message Date
Valery Sizov
921677782f Implement CreateMembers service to make controller thin 2016-11-01 10:17:04 +02:00
Rémy Coutable
61e2b88dd1
Allow Members::ApproveAccessRequestService to accept a new :force param
This param allows to bypass permission check. It is useful for LDAP-sync
where even owners don't have the :admin_group_member permission.

See
6081c37123/app/policies/group_policy.rb (L38)
and https://gitlab.com/gitlab-org/gitlab-ee/issues/1159

Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-10-28 15:45:26 +02:00
Rémy Coutable
e9d7b4f765 Invert method's naming
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-10-03 16:57:48 +02:00
Rémy Coutable
c8b1311934 Fix a few things after the initial improvment to Members::DestroyService
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-10-03 16:57:48 +02:00
Rémy Coutable
3158f57dba Improve Members::DestroyService
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-10-03 16:57:48 +02:00
Robert Speicher
076e040639 Merge branch 'rc-new-members-request-access-service' into 'master'
New `Members::RequestAccessService`

Part of #21979.

See merge request !6265
2016-10-02 11:33:06 +00:00
Rémy Coutable
94996963c5 Inverse condition in Members::ApproveAccessRequestService
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-09-22 15:50:48 +02:00
Rémy Coutable
5dcdf1d51b Ensure Members::ApproveAccessRequestService can fin a requester by ID
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-09-22 15:50:48 +02:00
Rémy Coutable
b3f0a82f50 New Members::ApproveAccessRequestService
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-09-22 15:50:47 +02:00
Rémy Coutable
94edafdf09 Inverse condition in Members::RequestAccessService
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-09-22 11:12:18 +02:00
Rémy Coutable
6b02127f03 New Members::RequestAccessService
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-09-22 11:12:17 +02:00
Sean McGivern
d2cd9d9696 Ensure last group owner isn't removed on expiry 2016-08-18 21:32:42 +01:00
Sean McGivern
8b1656282b Merge branch 'master' into expiration-date-on-memberships 2016-08-18 15:54:07 +01:00
Rémy Coutable
29850364ec New AccessRequests API endpoints for Group & Project
Also, mutualize AccessRequests and Members endpoints for Group &
Project.
New API documentation for the AccessRequests endpoints.

Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-08-10 19:07:05 +02:00
Adam Niedzielski
b4b51441aa Extract Members::AuthorizedDestroyService from Members::DestroyService. 2016-08-04 23:34:57 +02:00
Rémy Coutable
654565c9dc Raise a new Gitlab::Access::AccessDeniedError when permission is not enough to destroy a member
This is a try for a new approach to put the access checks at the service level.

Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-06-18 06:06:34 +02:00
Rémy Coutable
a08a26ac81 Don't send the "access declined" email on access request withdrawal
Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-06-18 05:46:45 +02:00
Rémy Coutable
4652489f40 New Members::DestroyService
This is to ensure we don't send unwanted notifications when deleting a
project. In other words, stop abusing AR callbacks and use services.

Signed-off-by: Rémy Coutable <remy@rymai.me>
2016-06-18 05:46:45 +02:00