diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-09-19 01:45:44 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-09-19 01:45:44 +0000 |
commit | 85dc423f7090da0a52c73eb66faf22ddb20efff9 (patch) | |
tree | 9160f299afd8c80c038f08e1545be119f5e3f1e1 /app/finders/concerns | |
parent | 15c2c8c66dbe422588e5411eee7e68f1fa440bb8 (diff) | |
download | gitlab-ce-85dc423f7090da0a52c73eb66faf22ddb20efff9.tar.gz |
Add latest changes from gitlab-org/gitlab@13-4-stable-ee
Diffstat (limited to 'app/finders/concerns')
-rw-r--r-- | app/finders/concerns/finder_methods.rb | 11 | ||||
-rw-r--r-- | app/finders/concerns/merged_at_filter.rb | 12 |
2 files changed, 9 insertions, 14 deletions
diff --git a/app/finders/concerns/finder_methods.rb b/app/finders/concerns/finder_methods.rb index 8de3276184d..622cbcf4928 100644 --- a/app/finders/concerns/finder_methods.rb +++ b/app/finders/concerns/finder_methods.rb @@ -30,7 +30,7 @@ module FinderMethods def if_authorized(result) # Return the result if the finder does not perform authorization checks. # this is currently the case in the `MilestoneFinder` - return result unless respond_to?(:current_user) + return result unless respond_to?(:current_user, true) if can_read_object?(result) result @@ -44,9 +44,14 @@ module FinderMethods # for Todos return true unless DeclarativePolicy.has_policy?(object) - model_name = object&.model_name || model.model_name + Ability.allowed?(current_user, :"read_#{to_ability_name(object)}", object) + end + + def to_ability_name(object) + return object.to_ability_name if object.respond_to?(:to_ability_name) - Ability.allowed?(current_user, :"read_#{model_name.singular}", object) + # Not all objects define `#to_ability_name`, so attempt to derive it: + object.model_name.singular end # This fetches the model from the `ActiveRecord::Relation` but does not diff --git a/app/finders/concerns/merged_at_filter.rb b/app/finders/concerns/merged_at_filter.rb index d2858ba2f88..581bcca3c25 100644 --- a/app/finders/concerns/merged_at_filter.rb +++ b/app/finders/concerns/merged_at_filter.rb @@ -3,7 +3,6 @@ module MergedAtFilter private - # rubocop: disable CodeReuse/ActiveRecord def by_merged_at(items) return items unless merged_after || merged_before @@ -11,11 +10,8 @@ module MergedAtFilter mr_metrics_scope = mr_metrics_scope.merged_after(merged_after) if merged_after.present? mr_metrics_scope = mr_metrics_scope.merged_before(merged_before) if merged_before.present? - scope = items.joins(:metrics).merge(mr_metrics_scope) - scope = target_project_id_filter_on_metrics(scope) if Feature.enabled?(:improved_mr_merged_at_queries) - scope + items.join_metrics.merge(mr_metrics_scope) end - # rubocop: enable CodeReuse/ActiveRecord def merged_after params[:merged_after] @@ -24,10 +20,4 @@ module MergedAtFilter def merged_before params[:merged_before] end - - # rubocop: disable CodeReuse/ActiveRecord - def target_project_id_filter_on_metrics(scope) - scope.where(MergeRequest.arel_table[:target_project_id].eq(MergeRequest::Metrics.arel_table[:target_project_id])) - end - # rubocop: enable CodeReuse/ActiveRecord end |