diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-19 09:08:42 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2021-08-19 09:08:42 +0000 |
commit | b76ae638462ab0f673e5915986070518dd3f9ad3 (patch) | |
tree | bdab0533383b52873be0ec0eb4d3c66598ff8b91 /app/models/members | |
parent | 434373eabe7b4be9593d18a585fb763f1e5f1a6f (diff) | |
download | gitlab-ce-b76ae638462ab0f673e5915986070518dd3f9ad3.tar.gz |
Add latest changes from gitlab-org/gitlab@14-2-stable-eev14.2.0-rc42
Diffstat (limited to 'app/models/members')
-rw-r--r-- | app/models/members/group_member.rb | 16 | ||||
-rw-r--r-- | app/models/members/project_member.rb | 24 |
2 files changed, 32 insertions, 8 deletions
diff --git a/app/models/members/group_member.rb b/app/models/members/group_member.rb index cf5906a4cbf..a13133c90e9 100644 --- a/app/models/members/group_member.rb +++ b/app/models/members/group_member.rb @@ -1,6 +1,7 @@ # frozen_string_literal: true class GroupMember < Member + extend ::Gitlab::Utils::Override include FromUnion include CreatedAtFilterable @@ -28,8 +29,6 @@ class GroupMember < Member attr_accessor :last_owner, :last_blocked_owner - self.enumerate_columns_in_select_statements = true - def self.access_level_roles Gitlab::Access.options_with_owner end @@ -51,6 +50,19 @@ class GroupMember < Member { group: group } end + override :refresh_member_authorized_projects + def refresh_member_authorized_projects + # Here, `destroyed_by_association` will be present if the + # GroupMember is being destroyed due to the `dependent: :destroy` + # callback on Group. In this case, there is no need to refresh the + # authorizations, because whenever a Group is being destroyed, + # its projects are also destroyed, so the removal of project_authorizations + # will happen behind the scenes via DB foreign keys anyway. + return if destroyed_by_association.present? + + super + end + private def access_level_inclusion diff --git a/app/models/members/project_member.rb b/app/models/members/project_member.rb index 5040879e177..b45c0b6a0cc 100644 --- a/app/models/members/project_member.rb +++ b/app/models/members/project_member.rb @@ -1,6 +1,7 @@ # frozen_string_literal: true class ProjectMember < Member + extend ::Gitlab::Utils::Override SOURCE_TYPE = 'Project' belongs_to :project, foreign_key: 'source_id' @@ -19,11 +20,6 @@ class ProjectMember < Member .where(projects: { namespace_id: groups.select(:id) }) end - scope :without_project_bots, -> do - left_join_users - .merge(User.without_project_bot) - end - class << self # Add users to projects with passed access option # @@ -48,7 +44,7 @@ class ProjectMember < Member project_ids.each do |project_id| project = Project.find(project_id) - Members::Projects::CreatorService.add_users( # rubocop:todo CodeReuse/ServiceClass + Members::Projects::CreatorService.add_users( # rubocop:disable CodeReuse/ServiceClass project, users, access_level, @@ -94,6 +90,22 @@ class ProjectMember < Member { project: project } end + override :refresh_member_authorized_projects + def refresh_member_authorized_projects + return super unless Feature.enabled?(:specialized_service_for_project_member_auth_refresh) + return unless user + + # rubocop:disable CodeReuse/ServiceClass + AuthorizedProjectUpdate::ProjectRecalculatePerUserService.new(project, user).execute + + # Until we compare the inconsistency rates of the new, specialized service and + # the old approach, we still run AuthorizedProjectsWorker + # but with some delay and lower urgency as a safety net. + UserProjectAccessChangedService.new(user_id) + .execute(blocking: false, priority: UserProjectAccessChangedService::LOW_PRIORITY) + # rubocop:enable CodeReuse/ServiceClass + end + private def send_invite |