diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-08-05 18:10:10 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-08-05 18:10:10 +0000 |
commit | ea4766228b5536c83f1917d6058be913472ffa2d (patch) | |
tree | 5ebf5ea0f996be6c6908e6b631b72c33bc13e997 /app/services/authorized_project_update/project_group_link_create_service.rb | |
parent | 4b64dc27ae5bac20dec888431c236fef2bfdc449 (diff) | |
download | gitlab-ce-ea4766228b5536c83f1917d6058be913472ffa2d.tar.gz |
Add latest changes from gitlab-org/gitlab@13-2-stable-ee
Diffstat (limited to 'app/services/authorized_project_update/project_group_link_create_service.rb')
-rw-r--r-- | app/services/authorized_project_update/project_group_link_create_service.rb | 18 |
1 files changed, 14 insertions, 4 deletions
diff --git a/app/services/authorized_project_update/project_group_link_create_service.rb b/app/services/authorized_project_update/project_group_link_create_service.rb index db2db091374..090b22a7820 100644 --- a/app/services/authorized_project_update/project_group_link_create_service.rb +++ b/app/services/authorized_project_update/project_group_link_create_service.rb @@ -6,9 +6,10 @@ module AuthorizedProjectUpdate BATCH_SIZE = 1000 - def initialize(project, group) + def initialize(project, group, group_access = nil) @project = project @group = group + @group_access = group_access end def execute @@ -19,19 +20,20 @@ module AuthorizedProjectUpdate user_ids_to_delete = [] members.each do |member| + new_access_level = access_level(member.access_level) existing_access_level = existing_authorizations[member.user_id] if existing_access_level # User might already have access to the project unrelated to the # current project share - next if existing_access_level >= member.access_level + next if existing_access_level >= new_access_level user_ids_to_delete << member.user_id end authorizations_to_create << { user_id: member.user_id, project_id: project.id, - access_level: member.access_level } + access_level: new_access_level } end update_authorizations(user_ids_to_delete, authorizations_to_create) @@ -42,7 +44,15 @@ module AuthorizedProjectUpdate private - attr_reader :project, :group + attr_reader :project, :group, :group_access + + def access_level(membership_access_level) + return membership_access_level unless group_access + + # access level must not be higher than the max access level set when + # creating the project share + [membership_access_level, group_access].min + end def existing_project_authorizations(members) user_ids = members.map(&:user_id) |