gitlab-org--gitlab-foss/app/services/members/create_service.rb

219 lines
6.3 KiB
Ruby

# frozen_string_literal: true
module Members
class CreateService < Members::BaseService
BlankInvitesError = Class.new(StandardError)
TooManyInvitesError = Class.new(StandardError)
MembershipLockedError = Class.new(StandardError)
DEFAULT_INVITE_LIMIT = 100
attr_reader :membership_locked
def initialize(*args)
super
@errors = []
@invites = invites_from_params
@source = params[:source]
@tasks_to_be_done_members = []
end
def execute
raise Gitlab::Access::AccessDeniedError unless can?(current_user, create_member_permission(source), source)
# rubocop:disable Layout/EmptyLineAfterGuardClause
raise Gitlab::Access::AccessDeniedError if adding_at_least_one_owner &&
cannot_assign_owner_responsibilities_to_member_in_project?
# rubocop:enable Layout/EmptyLineAfterGuardClause
validate_invite_source!
validate_invitable!
add_members
create_tasks_to_be_done
enqueue_onboarding_progress_action
publish_event!
result
rescue BlankInvitesError, TooManyInvitesError, MembershipLockedError => e
error(e.message)
end
def single_member
members.last
end
private
attr_reader :source, :errors, :invites, :member_created_namespace_id, :members,
:tasks_to_be_done_members, :member_created_member_task_id
def adding_at_least_one_owner
params[:access_level] == Gitlab::Access::OWNER
end
def cannot_assign_owner_responsibilities_to_member_in_project?
source.is_a?(Project) && !current_user.can?(:manage_owners, source)
end
def invites_from_params
# String, Nil, Array, Integer
return params[:user_id] if params[:user_id].is_a?(Array)
return [] unless params[:user_id]
params[:user_id].to_s.split(',').uniq
end
def validate_invite_source!
raise ArgumentError, s_('AddMember|No invite source provided.') unless invite_source.present?
end
def validate_invitable!
raise BlankInvitesError, blank_invites_message if invites.blank?
return unless user_limit && invites.size > user_limit
raise TooManyInvitesError,
format(s_("AddMember|Too many users specified (limit is %{user_limit})"), user_limit: user_limit)
end
def blank_invites_message
s_('AddMember|No users specified.')
end
def add_members
@members = source.add_members(
invites,
params[:access_level],
expires_at: params[:expires_at],
current_user: current_user,
tasks_to_be_done: params[:tasks_to_be_done],
tasks_project_id: params[:tasks_project_id]
)
members.each { |member| process_result(member) }
end
def process_result(member)
existing_errors = member.errors.full_messages
# calling invalid? clears any errors that were added outside of the
# rails validation process
if member.invalid? || existing_errors.present?
add_error_for_member(member, existing_errors)
else
after_execute(member: member)
@member_created_namespace_id ||= member.namespace_id
end
end
# overridden
def add_error_for_member(member, existing_errors)
prefix = "#{member.user.username}: " if member.user.present?
errors << "#{prefix}#{all_member_errors(member, existing_errors).to_sentence}"
end
def all_member_errors(member, existing_errors)
existing_errors.concat(member.errors.full_messages).uniq
end
def after_execute(member:)
super
build_tasks_to_be_done_members(member)
track_invite_source(member)
end
def track_invite_source(member)
Gitlab::Tracking.event(self.class.name,
'create_member',
label: invite_source,
property: tracking_property(member),
user: current_user)
end
def invite_source
params[:invite_source]
end
def tracking_property(member)
# ideally invites go down the invite service class instead, but there is nothing that limits an invite
# from being used in this class and if you send emails as a comma separated list to the api/members
# endpoint, it will support invites
member.invite? ? 'net_new_user' : 'existing_user'
end
def build_tasks_to_be_done_members(member)
return unless tasks_to_be_done?(member)
@tasks_to_be_done_members << member
# We can take the first `member_task` here, since all tasks will have the same attributes needed
# for the `TasksToBeDone::CreateWorker`, ie. `project` and `tasks_to_be_done`.
@member_created_member_task_id ||= member.member_task.id
end
def tasks_to_be_done?(member)
return false if params[:tasks_to_be_done].blank? || params[:tasks_project_id].blank?
# Only create task issues for existing users. Tasks for new users are created when they signup.
member.member_task&.valid? && member.user.present?
end
def create_tasks_to_be_done
return unless member_created_member_task_id # signal if there is any work to be done here
TasksToBeDone::CreateWorker.perform_async(member_created_member_task_id,
current_user.id,
tasks_to_be_done_members.map(&:user_id))
end
def user_limit
limit = params.fetch(:limit, DEFAULT_INVITE_LIMIT)
limit && limit < 0 ? nil : limit
end
def enqueue_onboarding_progress_action
return unless member_created_namespace_id
Onboarding::UserAddedWorker.perform_async(member_created_namespace_id)
end
def result
if errors.any?
error(formatted_errors)
else
success
end
end
def formatted_errors
errors.to_sentence
end
def publish_event!
Gitlab::EventStore.publish(
Members::MembersAddedEvent.new(data: {
source_id: source.id,
source_type: source.class.name
})
)
end
def create_member_permission(source)
case source
when Group
:admin_group_member
when Project
:admin_project_member
else
raise "Unknown source type: #{source.class}!"
end
end
end
end
Members::CreateService.prepend_mod_with('Members::CreateService')