diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-20 14:34:42 +0000 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-05-20 14:34:42 +0000 |
commit | 9f46488805e86b1bc341ea1620b866016c2ce5ed (patch) | |
tree | f9748c7e287041e37d6da49e0a29c9511dc34768 /app/services/search_service.rb | |
parent | dfc92d081ea0332d69c8aca2f0e745cb48ae5e6d (diff) | |
download | gitlab-ce-9f46488805e86b1bc341ea1620b866016c2ce5ed.tar.gz |
Add latest changes from gitlab-org/gitlab@13-0-stable-ee
Diffstat (limited to 'app/services/search_service.rb')
-rw-r--r-- | app/services/search_service.rb | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/app/services/search_service.rb b/app/services/search_service.rb index c96599f9958..bf21eba28f7 100644 --- a/app/services/search_service.rb +++ b/app/services/search_service.rb @@ -6,6 +6,9 @@ class SearchService SEARCH_TERM_LIMIT = 64 SEARCH_CHAR_LIMIT = 4096 + DEFAULT_PER_PAGE = Gitlab::SearchResults::DEFAULT_PER_PAGE + MAX_PER_PAGE = 200 + def initialize(current_user, params = {}) @current_user = current_user @params = params.dup @@ -60,11 +63,19 @@ class SearchService end def search_objects - @search_objects ||= redact_unauthorized_results(search_results.objects(scope, params[:page])) + @search_objects ||= redact_unauthorized_results(search_results.objects(scope, page: params[:page], per_page: per_page)) end private + def per_page + per_page_param = params[:per_page].to_i + + return DEFAULT_PER_PAGE unless per_page_param.positive? + + [MAX_PER_PAGE, per_page_param].min + end + def visible_result?(object) return true unless object.respond_to?(:to_ability_name) && DeclarativePolicy.has_policy?(object) @@ -75,13 +86,13 @@ class SearchService results = results_collection.to_a permitted_results = results.select { |object| visible_result?(object) } - filtered_results = (results - permitted_results).each_with_object({}) do |object, memo| + redacted_results = (results - permitted_results).each_with_object({}) do |object, memo| memo[object.id] = { ability: :"read_#{object.to_ability_name}", id: object.id, class_name: object.class.name } end - log_redacted_search_results(filtered_results.values) if filtered_results.any? + log_redacted_search_results(redacted_results.values) if redacted_results.any? - return results_collection.id_not_in(filtered_results.keys) if results_collection.is_a?(ActiveRecord::Relation) + return results_collection.id_not_in(redacted_results.keys) if results_collection.is_a?(ActiveRecord::Relation) Kaminari.paginate_array( permitted_results, |