Track who created a group or project member.

11 files changed, 35 insertions, 31 deletions

diff --git a/app/controllers/admin/groups_controller.rb b/app/controllers/admin/groups_controller.rb
index 9d9adaa467f..22d045fc388 100644
--- a/app/controllers/admin/groups_controller.rb
+++ b/app/controllers/admin/groups_controller.rb
@@ -41,7 +41,7 @@ class Admin::GroupsController < Admin::ApplicationController
   end
 
   def members_update
-    @group.add_users(params[:user_ids].split(','), params[:access_level])
+    @group.add_users(params[:user_ids].split(','), params[:access_level], current_user)
 
     redirect_to [:admin, @group], notice: 'Users were successfully added.'
   end
diff --git a/app/controllers/groups/group_members_controller.rb b/app/controllers/groups/group_members_controller.rb
index 2df51c97a22..93fc4edb3bb 100644
--- a/app/controllers/groups/group_members_controller.rb
+++ b/app/controllers/groups/group_members_controller.rb
@@ -22,7 +22,7 @@ class Groups::GroupMembersController < Groups::ApplicationController
   end
 
   def create
-    @group.add_users(params[:user_ids].split(','), params[:access_level])
+    @group.add_users(params[:user_ids].split(','), params[:access_level], current_user)
 
     redirect_to group_group_members_path(@group), notice: 'Users were successfully added.'
   end
diff --git a/app/controllers/projects/project_members_controller.rb b/app/controllers/projects/project_members_controller.rb
index 4ab15db01f7..e534db7af84 100644
--- a/app/controllers/projects/project_members_controller.rb
+++ b/app/controllers/projects/project_members_controller.rb
@@ -69,7 +69,7 @@ class Projects::ProjectMembersController < Projects::ApplicationController
 
   def apply_import
     giver = Project.find(params[:source_project_id])
-    status = @project.team.import(giver)
+    status = @project.team.import(giver, current_user)
     notice = status ? "Successfully imported" : "Import failed"
 
     redirect_to(namespace_project_project_members_path(project.namespace, project),
diff --git a/app/models/group.rb b/app/models/group.rb
index da9621a2a1a..eec961f6012 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -46,19 +46,21 @@ class Group < Namespace
     @owners ||= group_members.owners.map(&:user)
   end
 
-  def add_users(user_ids, access_level)
+  def add_users(user_ids, access_level, current_user = nil)
     user_ids.compact.each do |user_id|
-      user = self.group_members.find_or_initialize_by(user_id: user_id)
-      user.update_attributes(access_level: access_level)
+      member = self.group_members.find_or_initialize_by(user_id: user_id)
+      member.access_level = access_level
+      member.created_by ||= current_user
+      member.save
     end
   end
 
-  def add_user(user, access_level)
-    self.group_members.create(user_id: user.id, access_level: access_level)
+  def add_user(user, access_level, current_user = nil)
+    add_users([user], access_level, current_user)
   end
 
-  def add_owner(user)
-    self.add_user(user, Gitlab::Access::OWNER)
+  def add_owner(user, current_user = nil)
+    self.add_user(user, Gitlab::Access::OWNER, current_user)
   end
 
   def has_owner?(user)
diff --git a/app/models/member.rb b/app/models/member.rb
index fe3d2f40e87..d92e69b2ce6 100644
--- a/app/models/member.rb
+++ b/app/models/member.rb
@@ -11,6 +11,10 @@
 #  type               :string(255)
 #  created_at         :datetime
 #  updated_at         :datetime
+#  created_by_id      :integer
+#  invite_email       :string
+#  invite_token       :string
+#  invite_accepted_at :datetime
 #
 
 class Member < ActiveRecord::Base
@@ -18,6 +22,7 @@ class Member < ActiveRecord::Base
   include Notifiable
   include Gitlab::Access
 
+  belongs_to :created_by, class_name: "User"
   belongs_to :user
   belongs_to :source, polymorphic: true
 
diff --git a/app/models/members/project_member.rb b/app/models/members/project_member.rb
index 6b13e0ff30b..2205041cd51 100644
--- a/app/models/members/project_member.rb
+++ b/app/models/members/project_member.rb
@@ -55,7 +55,7 @@ class ProjectMember < Member
     #     :master
     #   )
     #
-    def add_users_into_projects(project_ids, user_ids, access)
+    def add_users_into_projects(project_ids, user_ids, access, current_user = nil)
       access_level = if roles_hash.has_key?(access)
                        roles_hash[access]
                      elsif roles_hash.values.include?(access.to_i)
@@ -69,6 +69,7 @@ class ProjectMember < Member
           user_ids.each do |user_id|
             member = ProjectMember.new(access_level: access_level, user_id: user_id)
             member.source_id = project_id
+            member.created_by ||= current_user
             member.save
           end
         end
diff --git a/app/models/project_team.rb b/app/models/project_team.rb
index d4a07caf9ef..313e459d701 100644
--- a/app/models/project_team.rb
+++ b/app/models/project_team.rb
@@ -12,12 +12,12 @@ class ProjectTeam
   #   @team << [@users, :master]
   #
   def <<(args)
-    users = args.first
+    users, access, current_user = *args
 
     if users.respond_to?(:each)
-      add_users(users, args.second)
+      add_users(users, access, current_user)
     else
-      add_user(users, args.second)
+      add_user(users, access, current_user)
     end
   end
 
@@ -43,22 +43,19 @@ class ProjectTeam
     member
   end
 
-  def add_user(user, access)
-    add_users_ids([user.id], access)
-  end
-
-  def add_users(users, access)
-    add_users_ids(users.map(&:id), access)
-  end
-
-  def add_users_ids(user_ids, access)
+  def add_users(users, access, current_user = nil)
     ProjectMember.add_users_into_projects(
       [project.id],
-      user_ids,
-      access
+      users,
+      access,
+      current_user
     )
   end
 
+  def add_user(user, access, current_user = nil)
+    add_users([user], access, current_user)
+  end
+
   # Remove all users from project team
   def truncate
     ProjectMember.truncate_team(project)
@@ -88,7 +85,7 @@ class ProjectTeam
     @masters ||= fetch_members(:masters)
   end
 
-  def import(source_project)
+  def import(source_project, current_user = nil)
     target_project = project
 
     source_members = source_project.project_members.to_a
@@ -103,6 +100,7 @@ class ProjectTeam
       new_member = member.dup
       new_member.id = nil
       new_member.source = target_project
+      new_member.created_by = current_user
       new_member
     end
 
diff --git a/app/services/projects/create_service.rb b/app/services/projects/create_service.rb
index 7ffd0b3882a..a7afcf8f64b 100644
--- a/app/services/projects/create_service.rb
+++ b/app/services/projects/create_service.rb
@@ -83,7 +83,7 @@ module Projects
       system_hook_service.execute_hooks_for(@project, :create)
 
       unless @project.group
-        @project.team << [current_user, :master]
+        @project.team << [current_user, :master, current_user]
       end
 
       @project.update_column(:last_activity_at, @project.created_at)
diff --git a/app/services/projects/fork_service.rb b/app/services/projects/fork_service.rb
index 4ec98696a65..1e4deb6ed39 100644
--- a/app/services/projects/fork_service.rb
+++ b/app/services/projects/fork_service.rb
@@ -38,7 +38,7 @@ module Projects
             #First save the DB entries as they can be rolled back if the repo fork fails
             project.build_forked_project_link(forked_to_project_id: project.id, forked_from_project_id: @from_project.id)
             if project.save
-              project.team << [@current_user, :master]
+              project.team << [@current_user, :master, @current_user]
             end
 
             #Now fork the repo
diff --git a/lib/api/group_members.rb b/lib/api/group_members.rb
index 3a3987ab36e..ab9b7c602b5 100644
--- a/lib/api/group_members.rb
+++ b/lib/api/group_members.rb
@@ -34,7 +34,7 @@ module API
           render_api_error!("Already exists", 409)
         end
 
-        group.add_users([params[:user_id]], params[:access_level])
+        group.add_users([params[:user_id]], params[:access_level], current_user)
         member = group.group_members.find_by(user_id: params[:user_id])
         present member.user, with: Entities::GroupMember, group: group
       end
diff --git a/spec/requests/api/repositories_spec.rb b/spec/requests/api/repositories_spec.rb
index 729970153d1..09a79553f72 100644
--- a/spec/requests/api/repositories_spec.rb
+++ b/spec/requests/api/repositories_spec.rb
@@ -11,8 +11,6 @@ describe API::API, api: true  do
   let!(:master) { create(:project_member, user: user, project: project, access_level: ProjectMember::MASTER) }
   let!(:guest) { create(:project_member, user: user2, project: project, access_level: ProjectMember::GUEST) }
 
-  before { project.team << [user, :reporter] }
-
   describe "GET /projects/:id/repository/tags" do
     it "should return an array of project tags" do
       get api("/projects/#{project.id}/repository/tags", user)