gitlab-org--gitlab-foss/app/finders
Robert Speicher c44474150c Limit labels returned for a specific project as an administrator
Prior, an administrator viewing a project's Labels page would see _all_
labels from every project they had access to, rather than only the
labels of that specific project (if any).

This was not an information disclosure, as admins have access to
everything, but it was a performance issue.
2016-11-16 15:04:51 +02:00
..
access_requests_finder.rb
branches_finder.rb
contributed_projects_finder.rb
group_projects_finder.rb
groups_finder.rb
issuable_finder.rb Merge branch '22481-honour-issue-visibility-for-groups' into 'security' 2016-11-09 12:24:13 +01:00
issues_finder.rb
joined_groups_finder.rb
labels_finder.rb Limit labels returned for a specific project as an administrator 2016-11-16 15:04:51 +02:00
merge_requests_finder.rb
milestones_finder.rb
move_to_project_finder.rb
notes_finder.rb
personal_projects_finder.rb
pipelines_finder.rb
projects_finder.rb
README.md
snippets_finder.rb
tags_finder.rb
todos_finder.rb
union_finder.rb

Finders

This type of classes responsible for collection items based on different conditions. To prevent lookup methods in models like this:

class Project
  def issues_for_user_filtered_by(user, filter)
    # A lot of logic not related to project model itself
  end
end

issues = project.issues_for_user_filtered_by(user, params)

Better use this:

issues = IssuesFinder.new(project, user, filter).execute

It will help keep models thiner.