gitlab-org--gitlab-foss/app/finders
Robert Speicher e71cd7a300 Merge branch 'refactor/add-policies' into 'master'
Refactor ability.rb into Policies

## What does this MR do?
Factors out `ability.rb` into a new abstraction - the "policy" (stored in `app/policies`). A policy is a class named `#{class_name}Policy` (looked up automatically as needed) that implements `rules` as follows:

``` ruby
class ThingPolicy < BasePolicy
  def rules
    @user # this is a user to determine abilities for, optionally nil in the anonymous case
    @subject # this is the subject of the ability, guaranteed to be an instance of `Thing`
    can! :some_ability # grant the :some_ability permission
    cannot! :some_ability # ensure that :some_ability is not allowed. this overrides any `can!` that is called before or after
    delegate! @subject.other_thing # merge the abilities (can!) and prohibitions (cannot!) from `@subject.other_thing`
    can? :some_ability # test whether, so far, :some_ability is allowed
  end

  def anonymous_rules
    # optional. if not implemented `rules` is called where `@user` is nil. otherwise this method is called when `@user` is nil.
  end
end
```

See merge request !5796
2016-08-31 20:53:40 +00:00
..
branches_finder.rb implements the basic filter functionality 2016-07-19 19:30:10 +01:00
contributed_projects_finder.rb
group_projects_finder.rb Fix groups API to list only user's accessible projects 2016-05-24 18:14:12 -07:00
groups_finder.rb
issuable_finder.rb remove Ability.abilities 2016-08-30 11:35:06 -07:00
issues_finder.rb
joined_groups_finder.rb
merge_requests_finder.rb
milestones_finder.rb
move_to_project_finder.rb Move to project dropdown with infinite scroll for better performance 2016-08-18 15:31:51 +02:00
notes_finder.rb Fix notes on confidential issues through JSON to users without access 2016-06-14 17:51:17 -03:00
personal_projects_finder.rb
pipelines_finder.rb PipelinesFinder use git cached data 2016-06-29 07:10:58 +02:00
projects_finder.rb Pass project IDs relation to ProjectsFinder instead of using a block 2016-08-15 12:49:31 +02:00
README.md
snippets_finder.rb Project members with guest role can't access confidential issues 2016-06-13 19:32:00 -03:00
tags_finder.rb add specs for tags finder 2016-08-31 19:16:47 +01:00
todos_finder.rb remove Ability.abilities 2016-08-30 11:35:06 -07:00
trending_projects_finder.rb
union_finder.rb

Finders

This type of classes responsible for collection items based on different conditions. To prevent lookup methods in models like this:

class Project
  def issues_for_user_filtered_by(user, filter)
    # A lot of logic not related to project model itself
  end
end

issues = project.issues_for_user_filtered_by(user, params)

Better use this:

issues = IssuesFinder.new(project, user, filter).execute

It will help keep models thiner.