gitlab-org--gitlab-foss/app/services/todos/destroy/base_service.rb
Felipe Artur be33946819 Delete unauthorized Todos when project is private
Delete Todos for guest users when project visibility
level is updated to private.
2019-06-05 10:51:52 -03:00

39 lines
847 B
Ruby

# frozen_string_literal: true
module Todos
module Destroy
class BaseService
def execute
return unless todos_to_remove?
without_authorized(todos).delete_all
end
private
# rubocop: disable CodeReuse/ActiveRecord
def without_authorized(items)
items.where('todos.user_id NOT IN (?)', authorized_users)
end
# rubocop: enable CodeReuse/ActiveRecord
# rubocop: disable CodeReuse/ActiveRecord
def authorized_users
ProjectAuthorization.select(:user_id).where(project_id: project_ids)
end
# rubocop: enable CodeReuse/ActiveRecord
def todos
raise NotImplementedError
end
def project_ids
raise NotImplementedError
end
def todos_to_remove?
raise NotImplementedError
end
end
end
end