92 lines
2.4 KiB
Ruby
92 lines
2.4 KiB
Ruby
# frozen_string_literal: true
|
||
|
||
module Groups
|
||
class CreateService < Groups::BaseService
|
||
def initialize(user, params = {})
|
||
@current_user, @params = user, params.dup
|
||
@chat_team = @params.delete(:create_chat_team)
|
||
end
|
||
|
||
def execute
|
||
remove_unallowed_params
|
||
set_visibility_level
|
||
|
||
@group = Group.new(params)
|
||
|
||
after_build_hook(@group, params)
|
||
|
||
unless can_use_visibility_level? && can_create_group?
|
||
return @group
|
||
end
|
||
|
||
@group.name ||= @group.path.dup
|
||
|
||
if create_chat_team?
|
||
response = Mattermost::CreateTeamService.new(@group, current_user).execute
|
||
return @group if @group.errors.any?
|
||
|
||
@group.build_chat_team(name: response['name'], team_id: response['id'])
|
||
end
|
||
|
||
Group.transaction do
|
||
if @group.save
|
||
@group.add_owner(current_user)
|
||
@group.create_namespace_settings
|
||
Service.create_from_active_default_integrations(@group, :group_id) if Feature.enabled?(:group_level_integrations)
|
||
end
|
||
end
|
||
|
||
@group
|
||
end
|
||
|
||
private
|
||
|
||
def after_build_hook(group, params)
|
||
# overridden in EE
|
||
end
|
||
|
||
def remove_unallowed_params
|
||
params.delete(:default_branch_protection) unless can?(current_user, :create_group_with_default_branch_protection)
|
||
end
|
||
|
||
def create_chat_team?
|
||
Gitlab.config.mattermost.enabled && @chat_team && group.chat_team.nil?
|
||
end
|
||
|
||
def can_create_group?
|
||
if @group.subgroup?
|
||
unless can?(current_user, :create_subgroup, @group.parent)
|
||
@group.parent = nil
|
||
@group.errors.add(:parent_id, s_('CreateGroup|You don’t have permission to create a subgroup in this group.'))
|
||
|
||
return false
|
||
end
|
||
else
|
||
unless can?(current_user, :create_group)
|
||
@group.errors.add(:base, s_('CreateGroup|You don’t have permission to create groups.'))
|
||
|
||
return false
|
||
end
|
||
end
|
||
|
||
true
|
||
end
|
||
|
||
def can_use_visibility_level?
|
||
unless Gitlab::VisibilityLevel.allowed_for?(current_user, visibility_level)
|
||
deny_visibility_level(@group)
|
||
return false
|
||
end
|
||
|
||
true
|
||
end
|
||
|
||
def set_visibility_level
|
||
return if visibility_level.present?
|
||
|
||
params[:visibility_level] = Gitlab::CurrentSettings.current_application_settings.default_group_visibility
|
||
end
|
||
end
|
||
end
|
||
|
||
Groups::CreateService.prepend_if_ee('EE::Groups::CreateService')
|